Skip to content

Print Data and Opening URLs Restriction

Introduction

SAP BTP SDK for iOS v10.0 introduces print data restriction and opening URLs restriction. Print data restriction blocks the printing of data. This secures sensitive data from being compromised. Opening URLs restriction blocks the opening of URLs in an external application. This will also secure user's data from other malware applications and hackers.

Enabling Restrict Print Data and Restrict Opening URLs Policy

You can enable these two policies by enabling Restrict Print Data and Restrict Opening URLs in the Client Configuration tab under the Mobile Settings Exchange feature in mobile services cockpit. It can also be enabled during the Create new application process in SAP BTP SDK Assistant for iOS v10.0.

iOS Clipboard Protection Settings

Usage

An app developer can leverage these two features by using the SAPFoundation framework APIs directly, as described below.

    try PrintPolicyEnforcer.shared.enforce(policy: .blocked)
    try OpenURLPolicyEnforcer.shared.enforce(policy: .blocked)

Another usage method is to use the SAPFioriFlows framework, which makes it more convenient as described below.

Once the these two policies are enabled, add the SAPcpmsSecurityPolicyApplyStep to the onboardingSteps and restoringSteps in OnboardingFlowProvider.swift.

SAPcpmsSecurityPolicyApplyStep enforces the policy set in the mobile services cockpit during the onboarding and restoration of the application.

In case Restrict Print Data and Restrict Opening URLs are not enabled in mobile services cockpit, adding SAPcpmsSecurityPolicyApplyStep will not have any effect during actions such as onboarding, restoration, and passcode reset.

Based on the policy set in mobile services cockpit, SAPcpmsSecurityPolicyApplyStep is automatically added in OnboardingFlowProvider.swift while generating the client application using Create new application or Reuse existing application in the SAP BTP SDK Assistant for iOS.

    public var onboardingSteps: [OnboardingStep] {
        return [
            ...
            CompositeStep(steps: SAPcpmsDefaultSteps.settingsDownload),
            CompositeStep(steps: SAPcpmsDefaultSteps.applyDuringOnboard),
            SAPcpmsSecurityPolicyApplyStep(),
            ...
        ]
    }
    public var restoringSteps: [OnboardingStep] {
        return [
            ...
            CompositeStep(steps: SAPcpmsDefaultSteps.settingsDownload),
            CompositeStep(steps: SAPcpmsDefaultSteps.applyDuringRestore),
            SAPcpmsSecurityPolicyApplyStep(),
            ...
        ]
    }

Precondition

SAPcpmsSecurityPolicyApplyStep needs to run any time after SAPcpmsSettingsDownloadStep. SAPcpmsSettingsDownloadStep, usually used indirectly through SAPcpmsDefaultSteps.settingsDownload, will obtain the required policy information.


Last update: November 22, 2023