Sameorigin X-Frame-Options -- Trusted Domain


I have included in our SuiteCRM a ownCloud - just as a simple Tab by iframe.
Here arose the problem that the ownCloud not be present in the iframe.
However, this is easy to fix on the Config.php in which one x-frame-options set to false.

Now the question arises whether this can not be excluded in SuiteCRM. Clickjacking is there a keyword.
Has there been someone doing this?

SuiteCRM can so easily be integrated into every page via iframe.

My question is, can I put x-frame-options in SuiteCRM and eg allow for specific domain, if so - where do you do that best?