diff --git a/application/ajaxwebpage.class.inc.php b/application/ajaxwebpage.class.inc.php
index 82ddaf0d1..ce991285f 100644
--- a/application/ajaxwebpage.class.inc.php
+++ b/application/ajaxwebpage.class.inc.php
@@ -41,7 +41,9 @@ class ajax_page extends WebPage implements iTabbedPage
 parent::__construct($s_title, $bPrintable);
 $this->m_sReadyScript = "";
 //$this->add_header("Content-type: text/html; charset=utf-8");
- $this->add_header("Cache-control: no-cache");
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 $this->m_oTabs = new TabManager();
 $this->sContentType = 'text/html';
 $this->sContentDisposition = 'inline';
diff --git a/application/csvpage.class.inc.php b/application/csvpage.class.inc.php
index 8ff526b77..0924cc38b 100644
--- a/application/csvpage.class.inc.php
+++ b/application/csvpage.class.inc.php
@@ -33,7 +33,9 @@ class CSVPage extends WebPage
 {
 parent::__construct($s_title);
 $this->add_header("Content-type: text/plain; charset=".self::PAGES_CHARSET);
- $this->add_header("Cache-control: no-cache");
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 //$this->add_header("Content-Transfer-Encoding: binary");
 }
diff --git a/application/itopwebpage.class.inc.php b/application/itopwebpage.class.inc.php
index 576779140..030b0cbbb 100644
--- a/application/itopwebpage.class.inc.php
+++ b/application/itopwebpage.class.inc.php
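Review bot: The three cache headers added in ajax_page's constructor are the same three lines this commit also writes into `WebPage::no_cache()` and into the constructors of CSVPage, iTopWebPage, LoginWebPage, XMLPage and HubConnectorPage, so the no-store policy now exists in seven copies. All six classes are declared as extending WebPage or NiceWebPage, so each constructor could call `$this->no_cache();` instead (assuming NiceWebPage inherits it from WebPage, which the diff does not show). A later change to the policy would then touch one method instead of depending on every copy being found. The constructor bodies start and end outside the hunks.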
@@ -71,7 +71,9 @@ class iTopWebPage extends NiceWebPage implements iTabbedPage
 $this->m_aMessages = array();
 $this->SetRootUrl(utils::GetAbsoluteUrlAppRoot());
 $this->add_header("Content-type: text/html; charset=".self::PAGES_CHARSET);
- $this->add_header("Cache-control: no-cache");
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 $this->add_linked_stylesheet("../css/jquery.treeview.css");
 $this->add_linked_stylesheet("../css/jquery.autocomplete.css");
 $this->add_linked_stylesheet("../css/jquery-ui-timepicker-addon.css");
diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php
index 363406000..8294a153e 100644
--- a/application/loginwebpage.class.inc.php
+++ b/application/loginwebpage.class.inc.php
@@ -85,7 +85,9 @@ class LoginWebPage extends NiceWebPage
 parent::__construct($sTitle);
 $this->SetStyleSheet();
- $this->add_header("Cache-control: no-cache");
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 }
 public function SetStyleSheet()
diff --git a/application/webpage.class.inc.php b/application/webpage.class.inc.php
index d6bb972de..746ba9083 100644
--- a/application/webpage.class.inc.php
+++ b/application/webpage.class.inc.php
@@ -487,8 +487,9 @@ class WebPage implements Page
 */
 public function no_cache()
 {
- $this->add_header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
- $this->add_header("Expires: Fri, 17 Jul 1970 05:00:00 GMT"); // Date in the past
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 }
 /**
diff --git a/application/xmlpage.class.inc.php b/application/xmlpage.class.inc.php
index 3e08316a4..3d81c5b49 100644
--- a/application/xmlpage.class.inc.php
+++ b/application/xmlpage.class.inc.php
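Review bot: The rewritten `no_cache()` drops the `// HTTP/1.1` and `// Date in the past` comments, so nothing in the method says why three headers are sent. I would keep one comment per line, for example `// HTTP/1.1: do not store, always revalidate`, `// HTTP/1.0 caches and proxies` and `// not a valid date, so treated as already expired`. Separately, pages/schema.php calls `no_cache()` on an iTopWebPage whose constructor now adds the same three headers, so they are queued twice; whether that is harmless depends on how `add_header()` and the output path handle repeated names, which is not visible in this diff.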
@@ -43,7 +43,9 @@ class XMLPage extends WebPage
 $this->m_bPassThrough = $bPassThrough;
 $this->m_bHeaderSent = false;
 $this->add_header("Content-type: text/xml; charset=".self::PAGES_CHARSET);
- $this->add_header("Cache-control: no-cache");
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 $this->add_header("Content-location: export.xml");
 }
diff --git a/datamodels/2.x/itop-hub-connector/hubconnectorpage.class.inc.php b/datamodels/2.x/itop-hub-connector/hubconnectorpage.class.inc.php
index f1782e9e6..e068d01d0 100644
--- a/datamodels/2.x/itop-hub-connector/hubconnectorpage.class.inc.php
+++ b/datamodels/2.x/itop-hub-connector/hubconnectorpage.class.inc.php
@@ -5,8 +5,10 @@ class HubConnectorPage extends NiceWebPage
 public function __construct($sTitle)
 {
 parent::__construct($sTitle);
-
- $this->add_header("Cache-control: no-cache");
+
+ $this->add_header('Cache-control: no-cache, no-store, must-revalidate');
+ $this->add_header('Pragma: no-cache');
+ $this->add_header('Expires: 0');
 $sImagesDir = utils::GetAbsoluteUrlAppRoot().'images';
 $sModuleImagesDir = utils::GetAbsoluteUrlModulesRoot().'itop-hub-connector/images';
diff --git a/pages/UI.php b/pages/UI.php
index 96222f666..3c908983c 100644
--- a/pages/UI.php
+++ b/pages/UI.php
@@ -1962,6 +1962,7 @@ EOF
 ///////////////////////////////////////////////////////////////////////////////////////////
 default: // Menu node rendering (templates)
+ $oP->add_header('X-Frame-Options: deny');
 ApplicationMenu::LoadAdditionalMenus();
 $oMenuNode = ApplicationMenu::GetMenuNode(ApplicationMenu::GetMenuIndexById(ApplicationMenu::GetActiveNodeId()));
 if (is_object($oMenuNode))
diff --git a/pages/UniversalSearch.php b/pages/UniversalSearch.php
index cfcacc935..2232fa510 100644
--- a/pages/UniversalSearch.php
+++ b/pages/UniversalSearch.php
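Review bot: `X-Frame-Options: deny` is added only inside the `default:` branch in pages/UI.php, so as far as this hunk shows the other branches of the same switch are still served without it, unless they are covered somewhere outside the diff. The same opt-in pattern is repeated call site by call site in UniversalSearch.php, run_query.php, schema.php and export-v2.php. An anti-framing header is safer as a default set once in the WebPage base class, with an explicit opt-out for any page that must be embedded, so that a new page or branch cannot miss it. It would also be worth sending `Content-Security-Policy: frame-ancestors 'none'` alongside it, since the CSP specification has that directive supersede X-Frame-Options. The switch starts outside the hunk.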
@@ -31,6 +31,7 @@ ApplicationMenu::CheckMenuIdEnabled('UniversalSearchMenu');
 $oAppContext = new ApplicationContext();
 $oP = new iTopWebPage(Dict::S('UI:UniversalSearchTitle'));
+$oP->add_header('X-Frame-Options: deny');
 $oP->add_linked_script("../js/json.js");
 $oP->add_linked_script("../js/forms-json-utils.js");
 $oP->add_linked_script("../js/wizardhelper.js");
diff --git a/pages/run_query.php b/pages/run_query.php
index a8154c242..174ab5150 100644
--- a/pages/run_query.php
+++ b/pages/run_query.php
@@ -93,6 +93,7 @@ $oAppContext = new ApplicationContext();
 $oP = new iTopWebPage(Dict::S('UI:RunQuery:Title'));
 $oP->SetBreadCrumbEntry('ui-tool-runquery', Dict::S('Menu:RunQueriesMenu'), Dict::S('Menu:RunQueriesMenu+'), '', utils::GetAbsoluteUrlAppRoot().'images/wrench.png');
+$oP->add_header('X-Frame-Options: deny');
 // Main program
 $sExpression = utils::ReadParam('expression', '', false, 'raw_data');
diff --git a/pages/schema.php b/pages/schema.php
index 0254e86af..db2927fc1 100644
--- a/pages/schema.php
+++ b/pages/schema.php
@@ -1119,6 +1119,7 @@ $operation = utils::ReadParam('operation', '');
 $oPage = new iTopWebPage(Dict::S('UI:Schema:Title'));
 $oPage->no_cache();
+$oPage->add_header('X-Frame-Options: deny');
 $oPage->SetBreadCrumbEntry('ui-tool-datamodel', Dict::S('Menu:DataModelMenu'), Dict::S('Menu:DataModelMenu+'), '', utils::GetAbsoluteUrlAppRoot().'images/wrench.png');
diff --git a/webservices/export-v2.php b/webservices/export-v2.php
index 1fd7d6f01..af116e231 100644
--- a/webservices/export-v2.php
+++ b/webservices/export-v2.php
@@ -44,6 +44,7 @@ function ReportErrorAndExit($sErrorMessage)
 else
 {
 $oP = new WebPage("iTop - Export");
+ $oP->add_header('X-Frame-Options: deny');
 $oP->p('ERROR: '.$sErrorMessage);
 $oP->output();
 exit(-1);
@@ -63,6 +64,7 @@ function ReportErrorAndUsage($sErrorMessage)
 else
 {
 $oP = new WebPage("iTop - Export");
+ $oP->add_header('X-Frame-Options: deny');
 $oP->p('ERROR: '.$sErrorMessage);
 Usage($oP);
 $oP->output();
@@ -344,6 +346,7 @@ function InteractiveShell($sExpression, $sQueryId, $sFormat, $sFileName, $sMode)
 if ($sMode == 'dialog')
 {
 $oP = new ajax_page('');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->add('
');
 $sExportBtnLabel = json_encode(Dict::S('UI:Button:Export'));
 $sJSTitle = json_encode(htmlentities(utils::ReadParam('dialog_title', '', false, 'raw_data'), ENT_QUOTES, 'UTF-8'));
@@ -369,6 +372,7 @@ EOF
 else
 {
 $oP = new iTopWebPage('iTop Export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->SetBreadCrumbEntry('ui-tool-export', Dict::S('Menu:ExportMenu'), Dict::S('Menu:ExportMenu+'), '', utils::GetAbsoluteUrlAppRoot().'images/wrench.png');
 }
@@ -729,6 +733,7 @@ try
 if($oExporter instanceof HTMLBulkExport)
 {
 $oP = new NiceWebPage('iTop export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->add_ready_script("$('table.listResults').tablesorter({widgets: ['MyZebra']});");
 $oP->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot().'css/font-awesome/css/all.min.css');
 $oP->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot().'css/font-awesome/css/v4-shims.min.css');
@@ -736,6 +741,7 @@ try
 else
 {
 $oP = new WebPage('iTop export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->add_style("table br { mso-data-placement:same-cell; }"); // Trick for Excel: keep line breaks inside the same cell !
 }
 $oP->add_style("body { overflow: auto; }");
@@ -743,6 +749,7 @@ try
 else
 {
 $oP = new ajax_page('iTop export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->SetContentType($oExporter->GetMimeType());
 }
 DoExport($oP, $oExporter, false);
@@ -752,6 +759,7 @@ try
 catch (BulkExportMissingParameterException $e)
 {
 $oP = new ajax_page('iTop Export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->add($e->getMessage());
 Usage($oP);
 $oP->output();
@@ -759,6 +767,7 @@ catch (BulkExportMissingParameterException $e)
 catch (Exception $e)
 {
 $oP = new WebPage('iTop Export');
+ $oP->add_header('X-Frame-Options: deny');
 $oP->add('Error: '.$e->getMessage());
 IssueLog::Error($e->getMessage()."\n".$e->getTraceAsString());
 $oP->output();
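Review bot: In the `catch (Exception $e)` block the line after the new header still writes `'Error: '.$e->getMessage()` into the page through `add()` with no escaping; the `BulkExportMissingParameterException` branch and the two `$oP->p('ERROR: '.$sErrorMessage)` calls in ReportErrorAndExit and ReportErrorAndUsage do the same. If `add()` and `p()` emit their argument as raw markup, which the diff does not show, and a message can carry request-derived text, the error page becomes an HTML-injection point that the anti-framing header does not cover. The file already escapes by hand for the dialog title, so the same call fits here: `$oP->add('Error: '.htmlentities($e->getMessage(), ENT_QUOTES, 'UTF-8'));`.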