Our team is currently looking to embed a JIRA service desk support portal into a web page owned by our company. The issue here is that these web sites have different URL’s. This means that when we attempt to embed the page the security headers in JIRA prevent this. I found that we can disable them for the whole JIRA instance using https://confluence.atlassian.com/jirakb/security-headers-in-jira-939919914.html . This solution though, fails our companies security policy. I was wondering if there would be a way to disable these for certain outbound addresses using our proxy. IE, only remove the headers when traffic is going to a certain destination.
Any ideas? or have I taken the entirely wrong approach to this?