If you want to declare a certain application to be secure for a certain host, you can
configure the host in question in the whitelist for clickjacking framing protection. Hosts
listed here will be treated as secure parents for the child applications to be rendered in
the iFrame.
Procedure
- Log on to SAP NetWeaver
Administrator at http://<host>:<port>/nwa.
- Navigate to .
Tip
You can search for Clickjacking in the Search
field at the top right and choose Go.
- To create an entry in the whitelist, choose
Create.
Enter the technical information, such as protocol, host name and port number.
Note
The URL entry is not processed. It is set by default to “*”, regardless of the value you
have entered.
- Submit the new host entry.
Note
It is advisable to clear the browser cache every time a whitelist entry
is created or modified because JSON objects are cached.