SAP Knowledge Base Article - Public

2860708 - W2 link not displaying from Employee Central Payroll information due 'X-frame-options' error

Symptom

Unable to access W2 link from Employee central payroll information.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

Environment

 SAP SuccessFactors HXM Suite

  • Mashup
  • Payroll Information

Reproducing the Issue

  1. Go to Employee Profile
  2. Access Payroll Information
  3. Select W2 link 
  4. The following note will display in the W2 Screen

 

Using Microsoft Edge:

 

This content can't be shown in a frame.

There is supposed to be some content here, but the publisher doesn't allow it do be dsplayed in a frame. This is to help protect securit of any information you might entet into this site.

W2_Screen.png

Using Google Chrome:

w2_Screen_chrome.png

 

Cause

The W2 link unable to load in the W2 screen due to 'X-Frame-option' to 'deny'

To navigate this error message:

  • Open the developer tools on your web browser and click the W2 link from the Payroll Information

developer_tool_error.png

Reason for this error:

X-Frame Options (XFO), is an HTTP response header, also referred to as an HTTP security header, which tells your browser how to behave when handling your site’s content. The main reason for its inception was to provide clickjacking protection by not allowing the rendering of a page in a frame. This can include the rendering of a page in a <frame><iframe>, or <object>. Iframes are used to embed and isolate third-party content into a website.

 

In our case, we have an iframe that opens the URL based on what the customer has configured. We don't have any option of setting the X-frame options property from our end. It is not possible to avoid that security parameter and open the URL in the iframe as it is used by the server to tell the browser whether or not the URL being requested can be used inside an iframe or not.

As you can see from the screenshot attached, it clearly states that the URL is not opened in iframe due to security reasons and protect the information.

Resolution

As a workaround, you can add a custom tile in the Home page and configure the URL which you want to open.

Below are the steps:

  • Go to Admin Center
  • Search for Manage Home Page
  • Click on Add Custom Tile
  • Follow the steps accordingly and you should be able to see the new custom tile in the Homepage with the URL configured OR you may follow the steps in this KBA 2641544 - How to add a link into the BixZ Homepage?
  • Go to the Homepage. You should see the new tile in the respective homepage section.
  • Copy the Homepage URL
  • Go to Admin Center
  • Go to Manage Data
  • Search for Payroll System Configuration
  • Configure the homepage URL to the respective link which you want to display under the Payroll Information Section (Eg: XXXX W-2).
  • Save the changes.
  • Go to Employee file
  • Navigate to the Payroll Information section of the employee and click on the link to which the homepage URL was configured. You should see the homepage opening in the iframe.
  • Click on the tile you configured. You should see the URL opening in new tab.

Note:

As the first time you accessed the W2 link from the custom tile created, you might encounter an issue in which sends the login screen for the payroll system and you suspected that SSO is not invoked.

You have to take note that whenever the application is loaded for the first time, it will always ask for the credential  and if you click on the tile again it won’t ask for credentials afterwards because the browser maintains the credentials in the same session.

Keywords

W2 link, Payroll Information, Pay Statement, Mashup, X-Frame-options, , KBA , LOD-EC-GCP-PY-MAS , Employee Data Maintenance via Mashups , Problem

Product

SAP SuccessFactors HXM Suite all versions