diff --git a/application/config/routes.php b/application/config/routes.php
index 5249eee484..15ab0ef503 100644
--- a/application/config/routes.php
+++ b/application/config/routes.php
@@ -57,6 +57,22 @@
 
 $route['translate_uri_dashes'] = FALSE;
 
+/*
+| -------------------------------------------------------------------------
+| FRAME OPTIONS HEADERS
+| -------------------------------------------------------------------------
+| Set the appropriate headers so that iframe control and permissions are 
+| properly configured.
+|
+| Options:
+|
+|   - DENY 
+|   - SAMEORIGIN 
+|
+*/
+
+header('X-Frame-Options: SAMEORIGIN');
+
 /*
 | -------------------------------------------------------------------------
 | CORS HEADERS