Logo

dev-resources.site

for different kinds of informations.

SAP Commerce Cloud and Broken Smart Edit

Published at
6/4/2023
Categories
sap
commerce
devops
Author
mikolayek
Main Article
https://dev.to/mikolayek/sap-commerce-cloud-and-broken-smart-edit-39cd
Categories
3 categories in total
sap
open
commerce
open
devops
open
Author
9 person written this
mikolayek
open
SAP Commerce Cloud and Broken Smart Edit

Issue

Recently I have been involved in website go-live. Testers have been complaining that they were not able to see website in Smartedit built-in iFrame.

Image description

Looking at the console we realised that recently jsapps endpoints started to send one HTTP Header:



X-Frame-Options: deny
Enter fullscreen mode Exit fullscreen mode

That is probably a consequence of SAP internal security audit OWASP Secure Headers X-Frame-Options.

At SAP Help you can find an article Adding HTTP CSP Frame-Ancestors. You will NOT find explanation how to do that.

Solution

Fortunately there is possibility to add in-the-runtime HTTP Response Headers in Cloud Portal in sub-page Security -> HTTP Response Header Sets.

SAP Help has one section about it here: HTTP Response Header Sets.

Unfortunately X-Frame-Options: deny is a default value and it is not possible to remove from system... but fortunately you can unset it in Cloud Portal.

My configuration for Smartedit contains two entries:

  • setting Content-Security-Policy with wildcard to allow any request from Commerce Cloud.
  • unsetting X-Frame-Options to make it finally working, as it is replaced by CSP (more info on MDN XFO

Image description

commerce Article's
30 articles in total
Favicon
Top 10 M.Com Project Topics & Ideas For Students
Favicon
Key Benefits of Choosing Headless Commerce
Favicon
Enhance Retail with Composable Commerce for B2C
Favicon
Reducing Delivery Times and Costs: How Machine Learning Optimizes Delivery Routes Efficiently
Favicon
Advance Features and Deploying the Project (Nerd Streetwear Online Store) Part III
Favicon
Combine proxies to boost e-commerce results
Favicon
Next-Generation No-Code E-commerce Website Builder
Favicon
Coinbase Commerce: A Complete Guide to Seamless Cryptocurrency Payments
Favicon
The Dynamics of Composable Commerce: The Path to Agile and Scalable Business Solutions
Favicon
Marketplace vs. Own E-commerce Website: Where Should You Sell?
Favicon
Commerce Cloud logs in OpenSearch locally
Favicon
Testing and Quality Assurance for E-Commerce Websites
Favicon
SAP Commerce Cloud and Broken Smart Edit
Favicon
SAP Commerce Cloud and Read-Only Replica
Favicon
The 5 Best Importance of B2B Ecommerce for Your Business
Favicon
Commerce Cloud Exporting Integration Object using Delta Detection
Favicon
Medusa Vs Woocommerce: Comparing Two Open source Online Commerce Platforms
Favicon
Getting started with Shoket
Favicon
SAP Commerce Cloud: 10 Things You Should Know
Favicon
What Are The World-Class Features of Adobe Commerce Development?
Favicon
Principles and Practice of Accounting By CA/CMA Santosh Kumar
Favicon
Deploy Sylius to Heroku
Favicon
What Makes a Great Checkout Experience?
Favicon
Build your next commerce store with SvelteKit
Favicon
How to add new users to the Magento Cloud panel?
Favicon
Working with the Commerce Engine & Docker in Sitecore Experience Commerce 10.1
Favicon
Why go Headless?
Favicon
can i build ecommerce by react and node ? U have suggest for me ? Thank for share
Favicon
Headless eCommerce vs Traditional eCommerce
Favicon
Update all items that share the same catalog entity when the item is saved

Featured ones:

Favicon
Open
abubakersiddique761
Favicon
Open
0x3d_site
Favicon
Open
0x2e_tech
Favicon
Open
0x4c-quest
Favicon
Open
gittech