3496584 - Geolocation Not Allowed in HTML Mashups

You created an HTML mashup which needs to get the user's geolocation, but it is coming back with the message of "Error accessing geolocation: Geolocation has been disabled in this document by permissions policy.". 

SAP Business ByDesign

1. Go to Application and User Management work center.
2. Go to Mashup Authoring view.
3. Select the HTML Mashup you created.
4. Click Edit.
5. Click the Preview button and will see:
   "Retrieving your location...
   Please allow access to your location when prompted."
6. Open browser console, here take Chrome for example, open Developer Tools and go to Console tab.
7. Will see error: "Error accessing geolocation: Geolocation has been disabled in this document by permissions policy.". 

HTML mashups in ByD are nested inside not one but two iframe elements. The permissions on the parent page are ok, and the permissions on the innermost iframe allow requesting of the user's geolocation (the opening iframe tag includes 'allow="geolocation *;"', which enables access to geolocation). However, this is then nested inside another iframe, and this outer iframe doesn't include this attribute, which then blocks access to geolocation.

To include the 'allow="geolocation *;"' property in the outer iframe would introduce a new feature for iframes, potentially violating security constraints. Hence currently it is not supported in ByD.

You can register this requirement in Customer Influence for SAP Business ByDesign at https://influence.sap.com/sap/ino/#/campaign/886 so that our development can look into it. 

Geolocation, HTML Mashup , KBA , AP-RC-GEN-MSH , Mashups , Problem