Enabling X-FRAME-OPTIONS in EEM (Embedded Entitlements Manager) to protect against Cross-Frame Scripting

Article ID: 245578

Products

CA Workload Automation AE

Issue/Introduction

How do you enable X-FRAME-OPTIONS in EEM (Embedded Entitlements Manager) to secure it against Cross-Frame Scripting?

Environment

Release : 11.3.6

Component : Embedded Entitlements Manager

Resolution

1) Locate the file Spin.conf in the iTechnology folder (default folders: c:\Program Files\CA\SharedComponents\iTechnology or /opt/CA/SharedComponents/iTechnology)

2) Look for <xframeoption>false</xframeoption>. There are two lines with the same option and value.

3) Change the value to true, so that each line reads: <xframeoption>true</xframeoption>

Below is an example.

<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<iSponsor>
 <Name>Spin</Name>
 <ImageName>Spin</ImageName>
 <Version>4.7.6.1</Version>
 <DispatchEP>iDispatch</DispatchEP>
 <ISType>DSP</ISType>
 <PreLoad>true</PreLoad>
 <Gated>false</Gated>
 <Raw>true</Raw>
 <SessionTimeout>10</SessionTimeout>
 <LoadSessionTimeout>5</LoadSessionTimeout>
 <LoadSessionCount>0</LoadSessionCount>
 <MaxRequests></MaxRequests>
 <Spindle name="baseSpindle">
  <version>4.7.6.1</version>
  <description>SPIN Administration</description>
  <imagename>baseSpindle</imagename>
  <urlprefix></urlprefix>
  <spar>baseSpindle.spar</spar>
  <directory></directory>
  <config></config>
  <redirecthttps>true</redirecthttps>
  <sendevents>true</sendevents>
  <anonymouslogin>true</anonymouslogin>
  <xframeoption>true</xframeoption>
 </Spindle>
 <Spindle name="eiamSpindle">
  <version>12</version>
  <description>EEM Interface</description>
  <imagename>C:/PROGRA~1/CA/SC/EMBEDD~1/lib\eiamSpindle</imagename>
  <urlprefix>/eiam</urlprefix>
  <spar>eiamSpindle.spar</spar>
  <directory></directory>
  <redirecthttps>true</redirecthttps>
  <sendevents>false</sendevents>
  <xframeoption>true</xframeoption>
  <uicompat>false</uicompat>
  <ssocookie>SM</ssocookie>
 </Spindle>
</iSponsor>

4) Save the file

5) Restart the iGateway service.
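
One way to confirm the edit before restarting, as an added example that is not part of the original article or the product's tooling: a small check that parses Spin.conf and reports every Spindle whose xframeoption is missing or not set to true, and that flags a malformed tag as a parse error. The function name `audit_spin_conf` is hypothetical, the sample configuration is constructed from the article's example, and matching the value strictly against lowercase `true` is an assumption.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample modelled on the article's Spin.conf, trimmed to the relevant elements.
SAMPLE_CONF = b"""<?xml version='1.0' encoding='UTF-8' standalone='no'?>
<iSponsor>
 <Name>Spin</Name>
 <Spindle name="baseSpindle">
  <urlprefix></urlprefix>
  <xframeoption>true</xframeoption>
 </Spindle>
 <Spindle name="eiamSpindle">
  <urlprefix>/eiam</urlprefix>
  <xframeoption>false</xframeoption>
 </Spindle>
</iSponsor>
"""


def audit_spin_conf(xml_bytes):
    """Return (spindle_name, problem) for each Spindle not set to xframeoption=true."""
    try:
        root = ET.fromstring(xml_bytes)
    except ET.ParseError as exc:
        # A damaged tag (for example a missing "<" in the closing tag) lands here.
        return [("<file>", f"not well-formed XML: {exc}")]
    findings = []
    for spindle in root.iter("Spindle"):
        name = spindle.get("name", "<unnamed>")
        values = [(e.text or "").strip() for e in spindle.findall("xframeoption")]
        if not values:
            findings.append((name, "xframeoption element missing"))
        elif len(values) > 1:
            findings.append((name, "xframeoption appears more than once"))
        elif values[0] != "true":  # assumption: only lowercase "true" counts as enabled
            findings.append((name, f"xframeoption is {values[0]!r}, expected 'true'"))
    return findings


if __name__ == "__main__":
    # Pass the path to Spin.conf as the first argument; without one the sample is checked.
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_CONF
    problems = audit_spin_conf(data)
    for name, problem in problems:
        print(f"{name}: {problem}")
    sys.exit(1 if problems else 0)
```

The script exits with status 1 when any Spindle still needs the change, so it can gate the service restart in a deployment script.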