Security Subtab

These settings configure security headers to control whether your site’s pages can be rendered in a frame and, if so, by what domains.

Allow Site to Be Framed

This string specifies whether pages can be rendered in a frame. Possible values include:

• Disallow Framing – Allow pages to be rendered in a frame only by your own domain, which is the same origin. This is the default setting.

• Allow Framing – Allow pages to be rendered in a frame by any domain/origin.

• Allow Framing Custom –Specify the domains/origins that are allowed to render pages in a frame. Enter the origins you want to allow in the Allow Site to Be Framed By list.

ID	security.allowFraming
UI location	Advanced > Security
JSON file	SecurityHeaders.json

Allow Site to Be Framed By

This array defines the origins that you want to allow to render pages in a frame. By default, SAMEORIGIN is included so pages can be rendered in a frame by your own domain.

ID	security.allowFramingBy
UI location	Advanced > Security
JSON file	SecurityHeaders.json

Add Headers to SSP Responses

This array specifies the security headers you want to use to pass additional information with an HTTP or HTTPS response. The array contains the following properties:

• Name (string) – Name of the HTTPS header. This is not case sensitive.

• Value (string) – Value of the HTTPS header.

ID	security.headers
UI location	Advanced > Security
JSON file	SecurityHeaders.json

See the SuiteCloud Platform help topic, HTTPS Header Information, for more information.

Related Topics

• Advanced Tab
• Cache Subtab
• Extensions Subtab
• Invoice Subtab
• Pagination Subtab
• Search Results Subtab
• Backend Subtab
• Filter Site Subtab
• Favicon Path Subtab
• Item Options Subtab
• Custom Fields Subtab
• Image Resize Subtab

General Notices