Google Chrome version 31 reports that it is reverting to DENY when both SAMEORIGIN and GOFORIT are specified for X-Frame-Options.
Only use SAMEORIGIN. Remove GOFORIT.
Review the X-Frame-Options in the configuration for IIS or Tomcat. Resolve any conflict.
The steps to configure the IIS web server are outlined in the following Microsoft article:
The configuration for the Tomcat web server for CA Service Desk Manager is contained in the file named:
That file exists at:
You may find that SAMEORIGIN is specified in that file. However, it should not contain GOFORIT.
Note: It is possible that X-Frame-Options are set in the Apache server's httpd.conf, or via a Chrome add-on.