/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
Changing HSTS header following Injecting Static HTTP Response Headers in Cloud Portal -> Storefront Service using below property doesn't work, e.g. for ootb yacceleratorstorefront.
| yacceleratorstorefront.xss.filter.header.Strict-Transport-Security=max-age=0; includeSubDomains |
When you check storefront page with browser Developer Tools open, from the Network>Headers>Response Headers of the request url, you can always find "Strict-Transport-Security: max-age=31536000 ; includeSubDomains".
***Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.***
Read more...
Environment
SAP Commerce Cloud
Product
SAP Commerce Cloud 1808 ; SAP Commerce Cloud 1811 ; SAP Commerce Cloud 1905 ; SAP Commerce Cloud 6.7
Keywords
KBA , CEC-SCC-PLA-PL , Platform , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)