diff --git a/apps/cf_graphql/lib/resolvers/comments.ex b/apps/cf_graphql/lib/resolvers/comments.ex
index e64ca260..47d2dd7b 100644
--- a/apps/cf_graphql/lib/resolvers/comments.ex
+++ b/apps/cf_graphql/lib/resolvers/comments.ex
@@ -18,4 +18,29 @@ defmodule CF.Graphql.Resolvers.Comments do
     |> Repo.all()
     |> Enum.into(%{})
   end
+
+  def is_iframe_allowed(_root, %{url: url}, _info) do
+    case HTTPoison.head(url) do
+      {:ok, %HTTPoison.Response{status_code: 200, headers: headers}} ->
+        headers
+        |> Enum.into(%{})
+        |> Map.get("X-Frame-Options")
+        |> case do
+          nil ->
+            {:ok, true}
+
+          value ->
+            case String.match?(value, ~r/deny|sameorigin/i) do
+              true -> {:ok, false}
+              false -> {:ok, true}
+            end
+
+          _ ->
+            {:ok, false}
+        end
+
+      _ ->
+        {:ok, false}
+    end
+  end
 end
diff --git a/apps/cf_graphql/lib/schema/schema.ex b/apps/cf_graphql/lib/schema/schema.ex
index 9edd1e2e..9b9406e6 100644
--- a/apps/cf_graphql/lib/schema/schema.ex
+++ b/apps/cf_graphql/lib/schema/schema.ex
@@ -46,6 +46,12 @@ defmodule CF.Graphql.Schema do
       resolve(&Resolvers.Users.get_logged_in/3)
     end
 
+    @desc "Check an url X-Frame-Options"
+    field :is_iframe_allowed, :boolean do
+      arg(:url, :string)
+      resolve(&Resolvers.Comments.is_iframe_allowed/3)
+    end
+
     @desc "Get app info"
     field :app_info, :app_info do
       resolve(&Resolvers.AppInfo.info/3)
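Review bot: `HTTPoison.head(url)` in `is_iframe_allowed/3` issues a server-side request to whatever URL the GraphQL client supplies, with no scheme or host validation and no timeout, so this resolver is a server-side request forgery surface (the server can be steered at loopback or internal addresses, and a slow peer ties up the request) — the URL should be parsed, restricted to `http`/`https` with a present host, and the call bounded with `timeout:`/`recv_timeout:`; rejecting loopback and private ranges after resolution is the stricter follow-up. The inner `case` has a `_ ->` clause after the catch-all `value ->`, which can never match and the compiler will warn about it. `Map.get("X-Frame-Options")` is a case-sensitive lookup, while header names are case-insensitive and arrive lowercased over HTTP/2, so a `deny` header can be missed and the field answers `true`; compare names after `String.downcase/1`. Note also that a `Content-Security-Policy: frame-ancestors` directive overrides `X-Frame-Options` in current browsers and is not consulted here, so a `true` result is at best a hint — worth stating in a `@doc`. A tightened version of the function:
```elixir
  def is_iframe_allowed(_root, %{url: url}, _info) do
    with %URI{scheme: scheme, host: host} when scheme in ["http", "https"] and is_binary(host) <-
           URI.parse(url),
         {:ok, %HTTPoison.Response{status_code: 200, headers: headers}} <-
           HTTPoison.head(url, [], timeout: 5_000, recv_timeout: 5_000) do
      # Header names are case-insensitive; HTTP/2 delivers them lowercased.
      xfo = Enum.find_value(headers, fn {k, v} -> String.downcase(k) == "x-frame-options" && v end)
      {:ok, is_nil(xfo) or not String.match?(xfo, ~r/deny|sameorigin/i)}
    else
      _ -> {:ok, false}
    end
  end
```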
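Review bot: `arg(:url, :string)` declares the argument as optional, but the resolver it wires up matches `%{url: url}` in its head, so a query that omits `url` raises a `FunctionClauseError` inside the resolver instead of returning a GraphQL validation error; declare it `arg(:url, non_null(:string))`. Since this field triggers an outbound HTTP request from the server on behalf of the caller, it is also worth confirming it sits behind the same authentication or rate-limiting middleware as the other root fields rather than being open to anonymous queries. The description would read better as `@desc "Check whether a URL may be embedded in an iframe (based on its X-Frame-Options header)"`.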