3006866 - How to add security HTTP headers to SAP Cloud Connector UI

Symptom

Security scan report shows that SAP Cloud Connector (SCC) Administration UI lacks HTTP headers such as Strict-Transport-Security (HSTS).

Environment

SAP Cloud Connector

Product

SAP Connectivity service 2.0 ; SAP Connectivity service all versions ; cloud connector 1.0 for SAP HANA Cloud Platform

Keywords

X-Xss-Protection, Strict-Transport-Security, Content-Security-Policy, httpHeaderSecurity, HSTS , KBA , BC-MID-SCC , SAP Cloud Connector On-Demand/On-Premise Connectivity , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.