We are trying to fix cross frame scripting issue by adding <% response.addHeader("X-Frame-Options", "SAMEORIGIN"); %> in jsp page, my project archituecture doesn't support single control servlet ,so added x-frame tag in each jsp.
but still this issue cross frame scripting occurs in application.
<BODY bgcolor="white" onLoad="displayApp()">
You may close this window once the application starts.<br>
To logout, simply close the main application window.<br>
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">