Closed jordanCain closed 5 years ago
Initial fix to restrict to same origin https://github.com/zowe/explorer-ui-server/pull/8/
Related PR created: https://github.com/zowe/explorer-ui-server/pull/9
After this PR is merged, announce MINOR release to create version v0.1.0, then we can proceed with these PRs:
https://github.com/zowe/explorer-jes/pull/81 https://github.com/zowe/explorer-mvs/pull/61 https://github.com/zowe/explorer-uss/pull/45 https://github.com/zowe/zowe-install-packaging/pull/382
All related PRs have been approved/merged. This issue can be closed now.
We should whitelist the allowed embedders of any web application surfaced via the explorer server.
The X-Frame-Options header can be used to achieve this, see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Related: https://github.com/zowe/explorer-server/issues/28
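
The embedder restriction discussed in this issue, as an added example that is not code from explorer-ui-server or the linked PRs. `X-Frame-Options` can only express `DENY` or `SAMEORIGIN` in current browsers (`ALLOW-FROM` is obsolete), so a real allowlist needs CSP `frame-ancestors`; the helper names, the Express-style `(req, res, next)` signature and the sample origins are assumptions.

```javascript
// Added example: hypothetical helpers, not the project's implementation.

// Normalise one configured embedder to a bare origin; reject anything else
// (wildcards, paths, credentials, non-HTTP schemes).
function toOrigin(value) {
  const url = new URL(value); // throws on malformed input such as "*"
  if (url.protocol !== 'https:' && url.protocol !== 'http:') {
    throw new Error(`unsupported scheme in embedder: ${value}`);
  }
  if (url.pathname !== '/' || url.search || url.hash || url.username || url.password) {
    throw new Error(`embedder must be a bare origin: ${value}`);
  }
  return url.origin; // lower-cased host, default port dropped
}

// Build the anti-framing headers for an allowlist of embedding origins.
function frameHeaders(allowedEmbedders = []) {
  const origins = [...new Set(allowedEmbedders.map(toOrigin))];
  return {
    // Fallback for browsers without frame-ancestors support: same origin only.
    // Browsers that enforce frame-ancestors ignore this header.
    'X-Frame-Options': 'SAMEORIGIN',
    'Content-Security-Policy': `frame-ancestors ${["'self'", ...origins].join(' ')}`,
  };
}

// Middleware: validates the allowlist once, then stamps every response.
// Any frame-ancestors directive already on the response is replaced,
// other CSP directives are preserved.
function frameGuard(allowedEmbedders) {
  const headers = frameHeaders(allowedEmbedders);
  return function (req, res, next) {
    const existing = res.getHeader('Content-Security-Policy');
    const kept = existing
      ? String(existing).split(';').map((d) => d.trim())
          .filter((d) => d && !/^frame-ancestors(\s|$)/i.test(d))
      : [];
    res.setHeader('Content-Security-Policy',
      [...kept, headers['Content-Security-Policy']].join('; '));
    res.setHeader('X-Frame-Options', headers['X-Frame-Options']);
    next();
  };
}
```

Calling `frameGuard([])` reproduces the same-origin restriction; passing origins widens it only for browsers that enforce `frame-ancestors`.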