our security and pen test team reported one issue that the below resource is missing x-frame-options header?
Any suggestions or thoughts why only this page alone missing that header even though it is set at Keycloak console?
<keycloak-domain/auth/realms//protocol/openid-connect/3p-cookies/step1.html
Keycloak version: 21.1.2
The realm security defenses setting already configured but still it is reported as an issue.