Hello Team, We are trying to integrate FS app infot another java app which is running on other port. That means that while using i-frame we get X-Frame-Options Header which deny such an action.

According to the documentation of Tomcat9 we added some params to the Tomcat config file and they work for other apps:

  <init-param>
          <param-name>antiClickJackingEnabled</param-name>
          <param-value>false</param-value>
        </init-param>
        <init-param>
          <param-name>antiClickJackingOption</param-name>
          <param-value>DENY</param-value>
        </init-param>

but seems that somewhere in the application .war file this is overrided because it always returns

$ curl -I http://ip:port/formspider2/main.html?name=CL0060305\&sid=784778

HTTP/1.1 200  Cache-Control: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie:
JSESSIONID=9FDC1AD6D451343F28A34E21B068FD5B;
Path=/formspider2; HttpOnly

X-Frame-Options: SAMEORIGIN

Content-Type:
text/html;charset=ISO-8859-1
Transfer-Encoding: chunked Date: Thu,
17 Jan 2019 14:47:04 GMT

Is there any way to make it work in frame?

asked 17 Jan, 09:56

viktorK's gravatar image

viktorK
69125
accept rate: 0%

edited 17 Jan, 09:57


Hi Anatoly,

You are right that SAMEORIGIN header is set under the hood as a security restriction.

It is configured inside "main.jsp" file at the root level. You can modify this file according to your requirements.

Kind Regards, Serdar

link

answered 18 Jan, 05:59

Serdar's gravatar image

Serdar ♦♦
100k4
accept rate: 13%

thanks! that worked

(18 Jan, 07:14) viktorK
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×3
×1

Asked: 17 Jan, 09:56

Seen: 429 times

Last updated: 18 Jan, 07:14

Related questions


© Copyright Gerger 2017