lchrusciel/XFrameOptionsSubscriber.php

## services.yaml
# config/services.yaml
services:
    # ...
    App\EventListener\XFrameOptionsSubscriber:
        tags: ['kernel.event_subscriber']

## XFrameOptionsSubscriber.php
<?php

// src/EventListener/XFrameOptionsSubscriber.php

namespace App\EventListener

final class XFrameOptionsSubscriber implements EventSubscriberInterface
{
    public static function getSubscribedEvents(): array
    {
        return [
            KernelEvents::RESPONSE => 'onKernelResponse',
        ];
    }

    public function onKernelResponse(ResponseEvent $event): void
    {
        if (!$this->isMainRequest($event)) {
            return;
        }

        $response = $event->getResponse();

        $response->headers->set('X-Frame-Options', 'sameorigin');
    }

    private function isMainRequest(ResponseEvent $event): bool
    {
        if (\method_exists($event, 'isMainRequest')) {
            return $event->isMainRequest();
        }

        return $event->isMasterRequest();
    }
}
	# config/services.yaml
	services:
	# ...
	App\EventListener\XFrameOptionsSubscriber:
	tags: ['kernel.event_subscriber']
	<?php

	// src/EventListener/XFrameOptionsSubscriber.php

	namespace App\EventListener

	final class XFrameOptionsSubscriber implements EventSubscriberInterface
	{
	public static function getSubscribedEvents(): array
	{
	return [
	KernelEvents::RESPONSE => 'onKernelResponse',
	];
	}

	public function onKernelResponse(ResponseEvent $event): void
	{
	if (!$this->isMainRequest($event)) {
	return;
	}

	$response = $event->getResponse();

	$response->headers->set('X-Frame-Options', 'sameorigin');
	}

	private function isMainRequest(ResponseEvent $event): bool
	{
	if (\method_exists($event, 'isMainRequest')) {
	return $event->isMainRequest();
	}

	return $event->isMasterRequest();
	}
	}