SAP Knowledge Base Article - Preview

2411115 - X-Frame-Options using URL IView and Server Side Fetch Mode

Symptom

  • You have configured a URL iView's Fetch Mode property to equal Server Side
  • You have configured the iView to use Navigation mode 1 "Display in a separate Window"
  • You are calling a URL where the application server is sending the x-frame-options header/Clickjacking protection is activated
  • In Internet Explorer there is an onscreen message which says:

    This content cannot be displayed in a frame
  • In Chrome there is a blank screen and the following in the Web Console:

    Refused to display <http://external.serverurl.com> in a frame because it set 'X-Frame-Options' to 'sameorigin'


Read more...

Environment

  • SAP NetWeaver Application Server for Java release independent
  • Enterprise Portal

Product

SAP NetWeaver all versions

Keywords

clickjacking, iframes, document.origin, x, frame, options, frames , KBA , EP-PIN-NAV , Navigation , EP-PIN-AI , Application Integration , EP-PIN-PRT , Portal Runtime , EP-PIN-URL-UIV , URL iViews , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.