Set x-frame-option to sameorigin to allow the Sidekiq iframe to display.

CHANGELOG

@@ -13,6 +13,7 @@ v 7.0.0
   - Group masters can create projects in group
   - Deprecate ruby 1.9.3 support
   - Only masters can rewrite/remove git tags
+  - Header X-Frame-Options allows SAMEORIGIN to display the Sidekiq interface
 
 v 6.9.2
   - Revert the commit that broke the LDAP user filter

app/controllers/application_controller.rb

@@ -164,7 +164,7 @@ class ApplicationController < ActionController::Base
   end
 
   def default_headers
-    headers['X-Frame-Options'] = 'DENY'
+    headers['X-Frame-Options'] = 'SAMEORIGIN' # Allow for the Sidekiq iframe in /admin/background_jobs
     headers['X-XSS-Protection'] = '1; mode=block'
     headers['X-UA-Compatible'] = 'IE=edge'
     headers['X-Content-Type-Options'] = 'nosniff'