Solved: How to add custom header to HTTP Response of SAP N...

former_member695380 · ‎08-03-2020

We have deployed a custom Angular application to SAP Cloud Platform NeoEnvironment, using HTML5 applications deployment option. During a security review of the application, our security team raised a few issues regarding headers received in response. When a request is performed to the application, we can see following response headers(as in attachment):

We would like to add custom response headers, such as:

X-Frame-Options: deny

X-Content-Type-Options: nosniff

Are there any options available to add custom headers via server configuration?

ibibhu · ‎08-03-2020

Can you please try this :

Custom Response Headers
https://help.sap.com/viewer/ea72206b834e4ace9cd834feed6c0e09/Cloud/en-US/8f2fadbd0f1c4bea8d84473e8f2...

"responseHeaders": [
        {
            "headers": [
            	{
			"name": "X-Frame-Options",
	                "value": "deny"
            	},
                {
			"name": "X-Content-Type-Options",
	                "value": "nosniff"
            	}
            ]
        }
    ],

Try to add the above to the neo-app.json

Regards,
Bibhu

gregorw · ‎08-03-2020

I think in Neo you don't have an option to add this headers. If it's a new application you should not start with Neo but directly use Cloud Foundry. There you can set this headers using the approuter configuration.

How to add custom header to HTTP Response of SAP Neo HTML5 Application?

Accepted Solutions (1)

Accepted Solutions (1)

Answers (1)

Answers (1)

Retreiving AppGyver project

What is the difference between OMS and OMM, while ...

Re: Incorporate international clients into VAR Chi...

Incorporate international clients into VAR Chile

Re: reading external (OData) API from cap