3006866 - How to add security HTTP headers to SAP Cloud Connector UI

Symptom

Security scan report shows that SAP Cloud Connector (SCC) Administration UI lacks HTTP headers such as Strict-Transport-Security (HSTS).

Environment

SAP Cloud Connector

Product

SAP Connectivity service 2.0 ; SAP Connectivity service all versions ; cloud connector 1.0 for SAP HANA Cloud Platform

Keywords

X-Xss-Protection, Strict-Transport-Security, Content-Security-Policy, httpHeaderSecurity, HSTS, CVE-2024-52316 , KBA , BC-MID-SCC , SAP Cloud Connector On-Demand/On-Premise Connectivity , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.