From 901a450ade57f991ad05acf66baf37cfd521ea02 Mon Sep 17 00:00:00 2001 From: jegadeeshbabu3 Date: Tue, 18 Aug 2020 18:04:38 +0530 Subject: Changed X-Frame attribute value to sameorigin Tweaked response header Issue-ID: PORTAL-980 Change-Id: I659be73675f36027f54b2a65d5b99013d74a43ca Signed-off-by: jegadeeshbabu3 --- .../main/java/org/onap/portalapp/config/ExternalSecurityConfig.java | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'ecomp-portal-BE-common/src/main/java') diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java index 9f125b75..ae08a34b 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java @@ -69,6 +69,11 @@ public class ExternalSecurityConfig extends WebSecurityConfigurerAdapter { return false; } }; + + + //Added this code to enable Raptor charts within Iframe + http.headers().frameOptions().sameOrigin(); + if(MusicUtil.isMusicEnable()) http.csrf().csrfTokenRepository(MusicCookieCsrfTokenRepository.withHttpOnlyFalse()).requireCsrfProtectionMatcher(csrfRequestMatcher); else -- cgit 1.2.3-korg