The security report shows there is missing headers X-Frame-Options for Fiori Launchpad and SAPUI5 apps.
The security report suggest to set the header values as X-Frame-Options :SAMEORIGIN
SAP_UI 750 or higher
X-FRAME-OPTIONS, SAMEORIGIN, UCON_CHW, Clickjacking, Framing Protection, SAPUI5, Fiori, Launchpad , KBA , CA-FLP-ABA , SAP Fiori Launchpad ABAP Services , BC-WD-ABA , Web Dynpro ABAP , BC-MID-ICF , Internet Communication Framework , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.