Description:
Google Chrome version 31 reports that it is reverting to DENY when both SAMEORIGIN and GOFORIT are specified for X-Frame-Options.
Only use SAMEORIGIN. Remove GOFORIT.
Solution:
Review the X-Frame-Options in the configuration for IIS or Tomcat. Resolve any conflict.
The steps to configure the IIS web server are outlined in the following Microsoft article:
http://support.microsoft.com/kb/2694329
The configuration for the Tomcat web server for CA Service Desk Manager is contained in the file named:
web.xml
That file exists at:
$NX_ROOT\bopcfg\www\CATALINA_BASE\webapps\CAisd
You may find that SAMEORIGIN is specified in that file. However, it should not contain GOFORIT.
Note: It is possible that X-Frame-Options are set in the Apache server's httpd.conf, or via a Chrome add-on.