X-Frame error after update to 12.0.5 (solved)

The “X-Frame-Options” HTTP header is not configured to equal to “SAMEORIGIN”. This is a potential security or privacy risk and we recommend adjusting this setting.

Nextcloud version : 12.0.5
Operating system and version : Centos 7
Apache or nginx version : Apache 2.4.6
PHP version : 7.0.25

The issue you are facing:
admin page says: The “X-Frame-Options” HTTP header is not configured to equal to “SAMEORIGIN”. This is a potential security or privacy risk and we recommend adjusting this setting.

Is this the first time you’ve seen this error? : Yes

Steps to replicate it:

  1. Update from 12.0.4 to 12.0.5
  2. Open admin console
  3. View error message

The output of your Nextcloud log in Admin > Logging:

Debug	core	Scss is disabled for /var/www/html/nextcloud/core/css/share.scss, ignoring	2018-01-24T11:06:42-0600
Debug	core	Scss is disabled for /var/www/html/nextcloud/core/css/server.scss, ignoring	2018-01-24T11:06:42-0600
Debug	cron	Finished OCA\Files_Trashbin\BackgroundJob\ExpireTrash job with ID 3 in 0 seconds	2018-01-24T11:06:42-0600
Debug	cron	Run OCA\Files_Trashbin\BackgroundJob\ExpireTrash job with ID 3	2018-01-24T11:06:42-0600
Debug	ojsxc	Receiving {admin} : <body rid='123609' xmlns='http://jabber.org/protocol/httpbind' sid='internal'><iq type='get' xmlns='jabber:client' id='74d0087c-0596-465c-99b0-a2026697eecd:sendIQ'><vCard xmlns='jabber:vcard-temp'/></iq></body>	2018-01-24T11:06:40-0600
Debug	ojsxc	Receiving {admin} : <body rid='123608' xmlns='http://jabber.org/protocol/httpbind' sid='internal'><iq from='admin@10.200.1.127/internal' to='admin@10.200.1.127' type='get' xmlns='jabber:client' id='63c95af2-02b0-4b7f-b399-a3035e77fe1b:sendIQ'><query xmlns='http://jabber.org/protocol/disco#info'/></iq></body>	2018-01-24T11:06:40-0600
Debug	ojsxc	Receiving {admin} : <body rid='123609' xmlns='http://jabber.org/protocol/httpbind' sid='internal'><iq type='get' xmlns='jabber:client' id='74d0087c-0596-465c-99b0-a2026697eecd:sendIQ'><vCard xmlns='jabber:vcard-temp'/></iq></body>	2018-01-24T11:06:40-0600
Debug	ojsxc	Receiving {admin} : <body rid='123608' xmlns='http://jabber.org/protocol/httpbind' sid='internal'><iq from='admin@10.200.1.127/internal' to='admin@10.200.1.127' type='get' xmlns='jabber:client' id='63c95af2-02b0-4b7f-b399-a3035e77fe1b:sendIQ'><query xmlns='http://jabber.org/protocol/disco#info'/></iq></body>	2018-01-24T11:06:40-0600
Debug	cron	Finished OCA\LookupServerConnector\BackgroundJobs\RetryJob job with ID 193 in 1 seconds

Maybe your nextcloud .htaccess file has X-Frame-Options set (Header set X-Frame-Options "SAMEORIGIN"), duplicating the header already sent by Nextcloud. If that’s the case, commenting or removing that line could help.


Where do I find the .htaccess file?

Usually in the root of your nextcloud instance, at the same level as the config folder. It’s a hidden file.

There was no option in there for x-frame. Maybe it got deleted in the update? Either way, I entered in there, reloaded httpd, and now it works fine. Thank you for the help.

The option was there in the past (v11.x) but was removed some time ago in v12.x.
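
A way to see which of the cases discussed in this thread applies (header absent, sent once, or sent twice), as an added example that is not part of the original posts: the function reads raw HTTP response headers on stdin and classifies the X-Frame-Options state. The function name `xfo_status` and the sample responses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify X-Frame-Options in a response.
# Input: raw HTTP response headers on stdin. Output: ok|missing|duplicate|mismatch
xfo_status() {
    awk '
        {
            sub(/\r$/, "")              # tolerate CRLF line endings
            if ($0 == "") exit          # first blank line ends the header block
            i = index($0, ":")
            if (i == 0) next            # status line or junk, not a header
            if (tolower(substr($0, 1, i - 1)) != "x-frame-options") next
            val = toupper(substr($0, i + 1))
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            # Repeated headers may arrive folded into one comma-joined value.
            m = split(val, parts, /[ \t]*,[ \t]*/)
            for (k = 1; k <= m; k++) vals[++n] = parts[k]
        }
        END {
            if (n == 0) { print "missing"; exit }
            for (k = 1; k <= n; k++)
                if (vals[k] != "SAMEORIGIN") { print "mismatch"; exit }
            if (n > 1) print "duplicate"; else print "ok"
        }
    '
}

# Constructed sample responses (not captured from a real server).
sample_once()   { printf 'HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\n\r\n'; }
sample_twice()  { printf 'HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN\r\nx-frame-options: SAMEORIGIN\r\n\r\n'; }
sample_folded() { printf 'HTTP/1.1 200 OK\r\nX-Frame-Options: SAMEORIGIN, SAMEORIGIN\r\n\r\n'; }
sample_absent() { printf 'HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n'; }

for s in sample_once sample_twice sample_folded sample_absent; do
    printf '%s: %s\n' "$s" "$("$s" | xfo_status)"
done
```

Against a live instance the input would come from something like `curl -sI https://cloud.example.com/ | xfo_status` (the hostname is a placeholder). A `duplicate` result points at more than one layer setting the header, `missing` at none of them doing so.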