Legacy platform

Enabling cross-frame protection

You can implement cross-frame protection for your application.

To enable cross frame protection for the application, customers can add Sterling platform filter class 'com.sterlingcommerce.woodstock.security.CrossFrameProtectionFilter' as one of the request filters in the web.xml file for the deployed application WAR file. This adds X-FRAME options in all response headers, which enables the cross-frame protection for the application. Once the filter is enabled, the application cannot be used inside an iframe. By default, this filter is not added for the application, so that the application can be embedded inside another application which requires integration using an iframe. If you do not have any such requirement, and want to enable cross-frame protection, the com.sterlingcommerce.woodstock.security.CrossFrameProtectionFilter filter class can be added to the filters in the web.xml as already described.