diff --git a/src/main/java/com/structurizr/lite/web/AbstractController.java b/src/main/java/com/structurizr/lite/web/AbstractController.java
index eae4179..e998cf0 100644
--- a/src/main/java/com/structurizr/lite/web/AbstractController.java
+++ b/src/main/java/com/structurizr/lite/web/AbstractController.java
@@ -38,10 +38,6 @@ protected void addSecurityHeaders(HttpServletResponse response, ModelMap model)
         response.addHeader(CONTENT_SECURITY_POLICY_HEADER, String.format("script-src 'self' 'nonce-%s'", nonce));
     }
 
-    @ModelAttribute
-    protected void addXFrameOptionsHeader(HttpServletRequest request, HttpServletResponse response) {
-        response.addHeader("X-Frame-Options", "deny");
-    }
 
     protected void addCommonAttributes(ModelMap model, String pageTitle, boolean showHeaderAndFooter) {
         model.addAttribute("timeZone", TimeZone.getDefault().getID());
@@ -81,4 +77,4 @@ public void setWorkspaceComponent(WorkspaceComponent workspaceComponent) {
         this.workspaceComponent = workspaceComponent;
     }
 
-}
\ No newline at end of file
+}
diff --git a/src/main/java/com/structurizr/lite/web/EmbedController.java b/src/main/java/com/structurizr/lite/web/EmbedController.java
index 65c873f..fd0d7f9 100644
--- a/src/main/java/com/structurizr/lite/web/EmbedController.java
+++ b/src/main/java/com/structurizr/lite/web/EmbedController.java
@@ -9,16 +9,10 @@
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 
-import jakarta.servlet.http.HttpServletRequest;
-import jakarta.servlet.http.HttpServletResponse;
 
 @Controller
 public class EmbedController extends AbstractController {
 
-    @Override
-    protected void addXFrameOptionsHeader(HttpServletRequest request, HttpServletResponse response) {
-        // do nothing ... this page is supposed to be iframe'd
-    }
 
     @RequestMapping(value = "/embed", method = RequestMethod.GET)
     public String embedFromParent(@RequestParam(required = false, defaultValue = "0") long workspace,
@@ -73,4 +67,4 @@ public String embedFromParent(@RequestParam(required = false, defaultValue = "0"
         }
     }
 
-}
\ No newline at end of file
+}