Security Subtab
These settings let you configure security headers to control which domains can show your site’s pages in a frame.
Allow Site to Be Framed
This string lets you choose if pages can be displayed in a frame. Possible values include:
-
Disallow Framing – Only your own domain, which is the same origin, can show pages in a frame. This is the default setting.
-
Allow Framing – Any domain/origin can show pages in a frame.
-
Allow Framing Custom – Choose which domains/origins can show pages in a frame. Add the origins you want to allow to the Allow Site to Be Framed By list.
ID |
security.allowFraming |
UI location |
Advanced > Security |
JSON file |
SecurityHeaders.json |
Allow Site to Be Framed By
This array lets you choose which origins you want to allow to show pages in a frame. By default, SAMEORIGIN is included so pages can be displayed in a frame by your own domain.
ID |
security.allowFramingBy |
UI location |
Advanced > Security |
JSON file |
SecurityHeaders.json |
Add Headers to SSP Responses
This array lets you set security headers to send extra information with an HTTPS response. The array contains the following properties:
-
Name (string) – The name of the HTTPS header (not case sensitive).
-
Value (string) – The value of the HTTPS header.
ID |
security.headers |
UI location |
Advanced > Security |
JSON file |
SecurityHeaders.json |
See the SuiteCloud Platform help topic, HTTPS Header Information, for more information.