Hi SAP Community,

Currently i am securing the front-end side of a Fiori application. When reading the official documentation I have seen that it is possible to load a fiori application in a frame on a trusted domain. For that we would have to implement a Whitelist. The official documentation stipulates that the following steps have to be implemented:

1. Call the service:

<meta name="sap.whitelistService" content="urltoWhitelist.js">

2. Set the whitelist

jQuery.sap.addUrlWhitelist(undefined, "https://webide-ad232er4.dispatcher.hana.ondemand.com/");
jQuery.sap.validateUrl("https://webide-ad232er4.dispatcher.hana.ondemand.com/");

3. Set the frameOptions to trusted

data-sap-ui-frameOptions="trusted"

After performing all these steps as stipulated by the official documentation, through the SAP Web IDE I launch my application in a frame and normally all actions can be performed. However this is not the case, no actions can be performed and seems like the Whitelist service doesn't recognis my domain.

Is somebody able to provide guidance on how to correctly implement this?

Kinds regards,

Zakaria