Symptom
The server did not return an X-Frame-Options header with the value DENY or SAMEORIGIN, which means that the system could be at risk of a clickjacking attack. The X-Frame-Options HTTP response header can be used to indicate whether a browser should be allowed to render a page inside a frame or Iframe.
Read more...
Environment
SAP - Cloud for Customer
Product
SAP Cloud for Customer core applications 2311
Keywords
Security, X-Frame-Options, Automated ,Scans ,Iframe ,Cloud for Customer, Clickjacking, attack, Deny, Sameorigin , KBA , LOD-CRM-SEC , Security Topics , How To
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.