Security Subtab

These settings let you configure security headers to control which domains can show your site’s pages in a frame.

Allow Site to Be Framed

This string lets you choose if pages can be displayed in a frame. Possible values include:

  • Disallow Framing – Only your own domain, which is the same origin, can show pages in a frame. This is the default setting.

  • Allow Framing – Any domain/origin can show pages in a frame.

  • Allow Framing Custom – Choose which domains/origins can show pages in a frame. Add the origins you want to allow to the Allow Site to Be Framed By list.

ID

security.allowFraming

UI location

Advanced > Security

JSON file

SecurityHeaders.json

Allow Site to Be Framed By

This array lets you choose which origins you want to allow to show pages in a frame. By default, SAMEORIGIN is included so pages can be displayed in a frame by your own domain.

ID

security.allowFramingBy

UI location

Advanced > Security

JSON file

SecurityHeaders.json

Add Headers to SSP Responses

This array lets you set security headers to send extra information with an HTTPS response. The array contains the following properties:

  • Name (string) – The name of the HTTPS header (not case sensitive).

  • Value (string) – The value of the HTTPS header.

ID

security.headers

UI location

Advanced > Security

JSON file

SecurityHeaders.json

See the SuiteCloud Platform help topic, HTTPS Header Information, for more information.

Related Topics

General Notices