on 08-03-2017 7:54 PM
Hi Community,
we would like to use sapui5 applications embedded in iframes. For that, we would like to use SAPs securing concepts for frames.
Our problem is, that the whitelistservice is called with an empty parentOrigin, so the service doesn't allow the current parent container. What I'm doing wrong? (The whitelistservice from the backend is working correct, if It would be called with an origin, he returns the excpected response.)
I did the following:
added this code before sap-ui-core.js is called in my sapui5-app
<script>
window["sap-ui-config"] = {
frameOptions: 'trusted',
frameOptionsConfig: {
callback: function(bSuccess) {
if (bSuccess) {
console.log(bSuccess);
alert("App is allowed to run!");
} else {
console.log(bSuccess);
//alert("App is not allowed to run!");
}
}
}
};
</script>
the iframe calls the sapui5 app from another page like this
<iframe src=".../sap/bc/ui5_ui5/sap/z...../index.html" frameborder="0" width="100%" height="100%">
</iframe>
Now the first problem, the whitelistservice will be called without parentorigin:
.../sap/public/bc/uics/whitelist/service?parentOrigin=
Why is it empty?
I get this console error also:
[index.html] Reached timeout of 10000ms waiting for a response from parent window - jQuery.sap.FrameOptions
Do you have any idea?
Sources:
https://help.sap.com/saphelp_nw74/helpdata/en/91/f3768f6f4d1014b6dd926db0e91070/frameset.htm
https://help.sap.com/saphelp_nw73ehp1/helpdata/de/96/6b6233e5404ebe80513ae082131132/frameset.htm
kind regards
Kai
Unfortunately i'm having exactly the same problem. When embedding the frame in a SAPUI5 application everything goes well, the "parentOrigin" is passed, but if called from other source the parentOrigin is empty.
Any tips?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi dandrade,
if you're in an on premise environment you're not allowed anymore to use the SAP CDN anymore (see 2943781 - Is the usage of SAP's Content Delivery Network for onPremise systems permitted?. So I would suggest you use this instead:
<script id="sap-ui-bootstrap" src="/sap/public/bc/ui5_ui5/1/resources/sap-ui-core.js"></script>
Best regards
Gregor
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.