diff --git a/production/nginx/server-common.conf b/production/nginx/server-common.conf
index 2f84cda7f..9a2a582c0 100644
--- a/production/nginx/server-common.conf
+++ b/production/nginx/server-common.conf
@@ -8,8 +8,11 @@ add_header Onion-Location http://$onion.onion$request_uri;
 add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
 
 # generate frame configuration from origin header
-set $frameOptions "DENY";
-set $contentSecurityPolicy "frame-ancestors 'none'";
+if ($frameOptions = '')
+{
+ set $frameOptions "DENY";
+ set $contentSecurityPolicy "frame-ancestors 'none'";
+}
 
 # used for iframes on https://mempool.space/network
 if ($http_referer ~ ^https://mempool.space/)
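Review bot: The new guard `if ($frameOptions = '')` tests only one of the two variables it defaults, so the anti-framing pair can drift apart. A server block that presets `$frameOptions` before this file is included but not `$contentSecurityPolicy` leaves the latter empty, and one that presets only `$contentSecurityPolicy` has it overwritten with `frame-ancestors 'none'`. I would default them independently by adding `if ($contentSecurityPolicy = '') { set $contentSecurityPolicy "frame-ancestors 'none'"; }` and keeping only the `$frameOptions` assignment in the first block, and reword the comment to `# default to denying framing unless the including server block has already set these variables`. Where no includer sets `$frameOptions`, the comparison reads an uninitialized variable, which nginx presumably logs as a warning on each request unless `uninitialized_variable_warn off` is set; worth confirming against the error log. The `add_header` lines that consume these variables and the body of the following `if ($http_referer ...)` block are outside the hunk.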