fix: allow x-frames in apache configs

INSTALL/apache.24.misp.ssl

@@ -23,7 +23,7 @@
 
     Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
     Header always set X-Content-Type-Options nosniff
-    Header always set X-Frame-Options DENY
+    Header always set X-Frame-Options SAMEORIGIN 
     Header always unset "X-Powered-By"
 
     # TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy

INSTALL/apache.misp.centos7

@@ -24,7 +24,7 @@
     ServerSignature Off
 
     Header always set X-Content-Type-Options nosniff
-    Header always set X-Frame-Options DENY
+    Header always set X-Frame-Options SAMEORIGIN 
     Header always unset "X-Powered-By"
 
     # TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy

INSTALL/apache.misp.centos7.ssl

@@ -47,7 +47,7 @@
 
     Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
     Header always set X-Content-Type-Options nosniff
-    Header always set X-Frame-Options DENY
+    Header always set X-Frame-Options SAMEORIGIN 
     Header always unset "X-Powered-By"
 
     # TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy

INSTALL/apache.misp.ubuntu

@@ -16,7 +16,7 @@
     ServerSignature Off
 
     Header always set X-Content-Type-Options nosniff
-    Header always set X-Frame-Options DENY
+    Header always set X-Frame-Options SAMEORIGIN 
     Header always unset "X-Powered-By"
 
     # TODO: Think about X-XSS-Protection, Content-Security-Policy, Referrer-Policy & Feature-Policy