Enabling cross-frame protection
You can implement cross-frame protection for your application.
To enable cross frame protection for the application, customers can add Sterling
platform filter class
'com.sterlingcommerce.woodstock.security.CrossFrameProtectionFilter
' as
one of the request filters in the web.xml
file for the deployed
application WAR file. This adds X-FRAME options in all response headers, which enables the
cross-frame protection for the application. Once the filter is enabled, the application
cannot be used inside an iframe. By default, this filter is not added for the application,
so that the application can be embedded inside another application which requires
integration using an iframe. If you do not have any such requirement, and want to enable
cross-frame protection, the
com.sterlingcommerce.woodstock.security.CrossFrameProtectionFilter
filter
class can be added to the filters in the web.xml
as already
described.