OJET takes care of it

Oracle Banking Trade Finance Process Management uses the X-Frame-Options HTTP response header to indicate whether or not a browser should be allowed to render a page in a <frame> or <iframe>. This is used to avoid Clickjacking attacks, by ensuring that the content is not embedded into other sites

Evidence

Evidence: response.addHeader("X-FRAME-OPTIONS", "DENY");.