diff --git a/src/main/java/com/boot/security/server/config/SecurityConfig.java b/src/main/java/com/boot/security/server/config/SecurityConfig.java
index 7d3a0c4..e06b76d 100644
--- a/src/main/java/com/boot/security/server/config/SecurityConfig.java
+++ b/src/main/java/com/boot/security/server/config/SecurityConfig.java
@@ -32,7 +32,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 .permitAll().anyRequest().authenticated().and().formLogin().loginPage("/login.html")
 .loginProcessingUrl("/login").successHandler(authenticationSuccessHandler)
 .failureHandler(authenticationFailureHandler).and().logout().logoutUrl("/logout")
- .logoutSuccessHandler(logoutSuccessHandler).and().csrf().disable();
+ .logoutSuccessHandler(logoutSuccessHandler).and().csrf().disable().headers().frameOptions()
+ .sameOrigin();
 }
 
 @Override
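Review bot: The new `.headers().frameOptions().sameOrigin()` at the end of the chain relaxes Spring Security's default `X-Frame-Options: DENY` to `SAMEORIGIN` for every response, and nothing in the hunk records which pages actually need to be framed. The same statement keeps `.csrf().disable()` alongside form login (presumably session-cookie based), so any same-origin page that can carry attacker-influenced markup can now frame authenticated views, and state-changing requests have no token check; it is worth confirming whether CSRF protection can be re-enabled. At minimum I would add a comment above the statement such as `// SAMEORIGIN only because <pages that are iframed> are embedded by our own UI; cross-origin framing stays blocked`. Consider also sending `Content-Security-Policy: frame-ancestors 'self'`, since X-Frame-Options is the legacy control. The configure method starts above the hunk, so the matchers covered by `permitAll()` are not visible here.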