--- title: Internal Server Error when accessing package pages slug: oaa90229 canonical_url: https://docs.coveo.com/en/oaa90229/ collection: coveo-for-sitecore-v5 source_format: adoc --- # Internal Server Error when accessing package pages [.version.c4sc.c4sc-issue-resolved.5-0-1460-0.October-22&-2025] [Issue resolved](https://docs.coveo.com/en/o9ud0570#release-notes) [.version.c4sc.c4sc-issue-resolved.5-0-1460-0.October-22&-2025] [Issue resolved](https://docs.coveo.com/en/o9ud0570#release-notes) ## Symptoms When accessing a Coveo for Sitecore page, you encounter a `500 - Internal Server Error`. ## Cause The Coveo for Sitecore package specifies the `SAMEORIGIN` value for the `X-Frame-Options` HTTP response header in some of its pages. This directive conflicts with the `DENY` directive that Sitecore sets by default for that header. Sometimes, especially in Microsoft Azure environments, this conflict can cause a `500 - Internal Server Error` when trying to access pages such as `/coveo/rest`. ## Resolution This issue was fixed in the Coveo for Sitecore October 22, 2025 release. Upgrade to the [latest Coveo for Sitecore release](https://docs.coveo.com/en/2274/). ### Workaround You can remove the `X-Frame-Options` HTTP response header directive from all Coveo for Sitecore package `web.config` files. . Open the `\Coveo\Rest\Web.config` file in a text editor. . Locate and delete the `` element and its content: ```xml ``` . Save your changes. . Repeat these steps for all other Coveo for Sitecore package `web.config` files, specifically: ** `\Coveo\Hive\init\Web.config`** ** `\Coveo\Hive\search box init\Web.config`** ** `\Coveo\Hive\templates\Web.config`** ** `\layouts\Coveo Hive\Web.config`** ** `\Views\Coveo Hive\Web.config`** . If you're using Coveo for Sitecore SXA, repeat these steps to remove the `` element from the `\Areas\CoveoHiveSxa\Views\Web.config` file.