SAP Knowledge Base Article - Preview

2334165 - Clickjacking settings prevent buttons from Webdynpro based applications from loading

Symptom

Your Netweaver Java is on a version which implements note 1781171 - ClickJacking vulnerability in WebDynpro Java

Buttons in a Webdynpro based application, such as Export Entry button in Netweaver Administrator SSL Configuration, do nothing when pressed. The issue is with the browser so there are no useful errors in the default traces. Depending on the browser used you can get the following information by running the web console of the developer tools of the browser and reproducing the issue.

 

Firefox:

Load denied by X-Frame-Options: http://...... sap-wd-renderMode=popupInit does not permit framing

 

Chrome:

Refused to display 'http://......... in a frame because it set 'X-Frame-Options' to 'DENY'.

 

Internet Explorer:

Unable to get property 'oPageUpdater' of undefined or null reference 


Read more...

Environment

SAP NetWeaver Java Release Independent

Product

SAP NetWeaver all versions

Keywords

button, certificate, load, export, display , KBA , BC-WD-JAV , Web Dynpro Java , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.