diff --git a/apps/remoteStorage/auth.php b/apps/remoteStorage/auth.php
index f508983d05236b0453c215f241753b0b1f165593..8cbd4aa20f12495a9b8c91d7f5c527ae9fb1c664 100644
--- a/apps/remoteStorage/auth.php
+++ b/apps/remoteStorage/auth.php
@@ -25,6 +25,7 @@
 *
 */
 
+header("X-Frame-Options: Sameorigin");
 
 // Do not load FS ...
 $RUNTIME_NOSETUPFS = true;