CSP Frame Ancestors

From SAP Enable Now Wiki
Revision as of 19:40, 16 November 2023 by Admin (talk | contribs) (Created page with "__NOTOC__ ==Where to find it== * ''Manager'' > '''Administration > Server Settings''' menu > ''Security'' category > '''{{PAGENAME}}''' setting ==Purpose== CSP is Content...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Where to find it

  • Manager > Administration > Server Settings menu > Security category > CSP Frame Ancestors setting

Purpose

CSP is Content Security Policy (CSP). I think this setting allows you to specify which parent URLs can load SAP Enable Now content into a Frame. Useful values are:

  • none: No content can be loaded into a Frame. Be careful of using this as much SAP Enable Now content is designed to be loaded into Frames (for example, by SAP Companion).
  • self: only content originating from your Manager domain (e.g. cloud.sap) can load content into a Frame.
Retrieved from "https://enablenowexpert.com/wiki/index.php?title=CSP_Frame_Ancestors&oldid=3071"