SAP Knowledge Base Article - Preview

2389051 - ICF service for Clickjacking Framing Protection is inactive

Symptom

When calling a web based application (eg: Web Dynpro, BSP, ITS) the following error appears:

  • 500 SAP Internal Server Error
  • ERROR: ICF service for Clickjacking Framing Protection is not active.  (termination: ERROR_MESSAGE_STATE)


Read more...

Environment

  • SAP NetWeaver
  • Protection against Clickjacking attacks is activated 

Product

SAP NetWeaver Application Server for ABAP for SAP S/4HANA all versions ; SAP NetWeaver all versions

Keywords

whitelist, clickjacking, SICF, WHITELIST, 403, inactive, activate, SAP Internal Server Error, HTTP_WHITELIST, UI redressing attack, Framing Protection, Framing, IFrame, UI Redressing, X-FRAME-OPTIONS, ICF-Service für ClickJacking-Framing-Protection ist inaktiv; cannot be processed in plugin mode HTTP; 031; WEBDYNPRO_RT , KBA , e webdynpro_rt 031 , BC-WD-ABA , Web Dynpro ABAP , BC-FES-WGU , SAP GUI for HTML , BC-FES-ITS , SAP Internet Transaction Server , BC-WD-UR , Unified Rendering , BC-MID-ICF , Internet Communication Framework , BC-FES-BUS , Netweaver Business Client , BC-BSP , Business Server Pages , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.