SAP Knowledge Base Article - Preview

2334165 - Clickjacking settings prevent buttons from Webdynpro based applications from loading

Symptom

Netweaver Java is on a version which implements note 1781171 - ClickJacking vulnerability in WebDynpro Java.

Buttons in a Webdynpro based application, such as Export Entry button in Netweaver Administrator SSL Configuration, do nothing when pressed. The issue is with the browser so there are no useful errors in the default traces. Depending on the browser used The following information can be obtained by running the web console of the browser's developer tools and reproducing the issue.

Firefox:

Load denied by X-Frame-Options: http://...... sap-wd-renderMode=popupInit does not permit framing

 

Chrome:

Refused to display 'http://......... in a frame because it set 'X-Frame-Options' to 'DENY'.

 

Internet Explorer:

Unable to get property 'oPageUpdater' of undefined or null reference


Read more...

Environment

SAP NetWeaver Java Release Independent

Product

SAP NetWeaver all versions

Keywords

button, certificate, load, export, display,ap-wd-renderMode=popupInit does not permit framing, 'X-Frame-Options' to 'DENY. , KBA , BC-WD-JAV , WebDynpro Java , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.