SAP Knowledge Base Article - Preview

3196694 - How to turn on framing protection for Fiori Launchpad and SAPUI5 apps


A security report/vulnerability scan shows there is missing headers X-Frame-Options for Fiori Launchpad and SAPUI5 apps.

The report suggests to set the header values as X-Frame-Options :SAMEORIGIN.



SAP NetWeaver AS ABAP with software component SAP_UI 754 or higher


ABAP PLATFORM 2025 ; ABAP platform 1809 ; ABAP platform 1909 ; ABAP platform 2020 ; ABAP platform 2021 ; ABAP platform 2022 ; ABAP platform 2023 ; SAP NetWeaver Application Server for ABAP 7.1 ; SAP NetWeaver Application Server for ABAP 7.2 ; SAP enhancement package 1 for SAP NetWeaver Application Server for ABAP 7.1


UCON_CHW, Clickjacking, Framing Protection , KBA , CA-FLP-ABA , SAP Fiori Launchpad ABAP Services , BC-WD-ABA , Web Dynpro ABAP , BC-MID-ICF , Internet Communication Framework , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.