3097149 - WDA: HTTP 401 or 500 error for Clickjacking Framing Protection

Symptom

When calling a web based application (e.g. Web Dynpro ABAP, BSP, ITS) one of the following error appears:

401 Unauthorized error received for request /sap/public/bc/uics/whitelist/ClickjackingFramingProtection.js
500 internal server error. ICF service for Clickjacking Framing Protection is not active

Environment

/sap/public/bc/uics/whitelist/ClickjackingFramingProtection.js
Web Dynpro ABAP
SAP NetWeaver
SAP Web Application Server for SAP S/4 HANA
ABAP PLATFORM - Application Server ABAP

Product

ABAP platform all versions ; SAP NetWeaver all versions ; SAP Web Application Server for SAP S/4HANA all versions

Keywords

Web Dynpro, Webdynpro, Web Dynpro ABAP, WDA, WDA_GDPR, /sap/public/bc/uics/whitelist/ClickjackingFramingProtection.js, Clickjacking, ClickjackingFramingProtection, 401, Unauthorized, error, BSP, ITS, 500, 500 internal server error, error, ICF service for Clickjacking Framing Protection is not active, Webgui, ClickjackingFramingProtection.js, not active, internal server error , KBA , BC-WD-ABA , Web Dynpro ABAP , BC-FES-WGU , SAP GUI for HTML , BC-FES-ITS , SAP Internet Transaction Server , BC-WD-UR , Unified Rendering , BC-MID-ICF , Internet Communication Framework , BC-FES-BUS , Netweaver Business Client , BC-BSP , Business Server Pages , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.