Skip to Content
0

Whitelist for frameOptions

Mar 19, 2017 at 12:37 PM

92

avatar image

Hi SAP Community,

Currently i am securing the front-end side of a Fiori application. When reading the official documentation I have seen that it is possible to load a fiori application in a frame on a trusted domain. For that we would have to implement a Whitelist. The official documentation stipulates that the following steps have to be implemented:

1. Call the service:

<meta name="sap.whitelistService" content="urltoWhitelist.js">

2. Set the whitelist

jQuery.sap.addUrlWhitelist(undefined, "https://webide-ad232er4.dispatcher.hana.ondemand.com/");
jQuery.sap.validateUrl("https://webide-ad232er4.dispatcher.hana.ondemand.com/");

3. Set the frameOptions to trusted

data-sap-ui-frameOptions="trusted"

After performing all these steps as stipulated by the official documentation, through the SAP Web IDE I launch my application in a frame and normally all actions can be performed. However this is not the case, no actions can be performed and seems like the Whitelist service doesn't recognis my domain.

Is somebody able to provide guidance on how to correctly implement this?

Kinds regards,

Zakaria

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

0 Answers