You could use this instead of commenting that out, which is from the NwebSec library:
app.UseXfo(options => options.SameOrigin());
You can also use a custom middleware to set the header, without the NwebSec package if that’s all it’s being used for!
app.Use(async (context, next) =>
{
context.Response.Headers.Add("X-Frame-Options", "SAMEORIGIN");
await next();
});