Our school's main web platform is shifting to Drupal and what we have discovered is that we can no longer embed departmental websites into iframes and display that content inside our portal. I've done some research on clickjacking, which appears to be the reason behind Drupal using the X-Frame-Options configuration to deny the request. We are having a meeting to discuss this but I would like to know if anyone else has experienced this issue. Are there really security issues around displaying a departmental webpage inside a Luminis portal when both sites are hosted within the same institution?
Any info would be appreciated.
University of Vermont