Show TOC

Configuring the Clickjacking Framing Protection WhitelistLocate this document in the navigation structure

If you want to declare a certain application to be secure for a certain host, you can configure the host in question in the whitelist for clickjacking framing protection. Hosts listed here will be treated as secure parents for the child applications to be rendered in the iFrame.

Procedure

  1. Log on to SAP NetWeaver Administrator at http://<host>:<port>/nwa.
  2. Navigate to Start of the navigation path Configuration Next navigation step Security Next navigation step Clickjacking Whitelist Configuration End of the navigation path.
    Tip

    You can search for Clickjacking in the Search field at the top right and choose Go.

  3. To create an entry in the whitelist, choose Create.

    Enter the technical information, such as protocol, host name and port number.

    Note

    The URL entry is not processed. It is set by default to “*”, regardless of the value you have entered.

  4. Submit the new host entry.
    Note

    It is advisable to clear the browser cache every time a whitelist entry is created or modified because JSON objects are cached.

Related Information