Disable iframe embedding of Cloud foundry deployed app

553 Views Asked by At

I created a React app and deployed it to SAP Cloud Foundry using static build pack. I see that I can embed my web application route in any iframe on any domain. Any setting I need to do in the Cloud Foundry Application Space or in the manifest.yml. I need to basically limit iframe embedding and just whitelist few domains which can embed my app in an iframe.

I followed this link to create and deploy the basic app

https://blogs.sap.com/2020/07/23/deploy-your-reactjs-application-in-cloud-foundry/

I tried setting a few of the properties from below link in User-Defined Variables but that didn't help as well.

https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/ba527058dc4d423a9e0a69ecc67f4593.html

1

There are 1 best solutions below

0
On

The user-defined variables you mentioned work only, if you access your application via an application router (look here for information on how to set up the application router: Setting Up Your Own Application Router).

It appears to be default behavior of the application router to prevent embedding of pages in iframes: Disable X-FRAME-OPTIONS in SCP Portal Cloud Foundry