Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
From version 8.0 Cloud Access Manager sets the X-Frame-Options header by default for all proxy applications. Page will not load.
Description
From Cloud Access Manager v8.0 the X-Frame-Options header is now set for all proxy applications by default; this stops them from being loaded into iframes in other sites/applications except where both the site and iframe content come from the SAMEORIGIN (full details can be found here: http://tools.ietf.org/html/rfc7034). This can affect bespoke portal content where iframe content is hosted from a different server to the main portal e.g. the Office Webapps server farm for SharePoint 2013.
Cause
Code change. The change was made to protect Cloud Access Manager applications against Cross-Site Scripting attacks (XSS).
Resolution
To disable setting the X-Frame-Options header for a particular application and allow it to be loaded in an iframe on another application page, please do the following:
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Recommended Content
Product(s):
Topic(s):
Troubleshooting
Article History:
Created on: 8/12/2015 Last Update on: 5/7/2023
Thank you for your feedback for Topic Request
Your Request will be reviewed by our technical reviewer team and, if approved, will be added as a Topic in our Knowledgebase.
Welcome to Quest Support
You can find online support help for Quest *product* on an affiliate support site. Click continue to be directed to the correct support content and assistance for *product*.
Search All Knowledge Base
IE 8, 9, & 10 No longer supported
The Quest Software Portal no longer supports IE8, 9, & 10 and it is recommended to upgrade your browser to the latest version of Internet Explorer or Chrome.
