Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
From version 8.0 Cloud Access Manager sets the X-Frame-Options header by default for all proxy applications. Page will not load.
설명
From Cloud Access Manager v8.0 the X-Frame-Options header is now set for all proxy applications by default; this stops them from being loaded into iframes in other sites/applications except where both the site and iframe content come from the SAMEORIGIN (full details can be found here: http://tools.ietf.org/html/rfc7034). This can affect bespoke portal content where iframe content is hosted from a different server to the main portal e.g. the Office Webapps server farm for SharePoint 2013.
원인
Code change. The change was made to protect Cloud Access Manager applications against Cross-Site Scripting attacks (XSS).
해결 방안
To disable setting the X-Frame-Options header for a particular application and allow it to be loaded in an iframe on another application page, please do the following:
