Troubleshooting
Problem
The requirement of having IBM Cognos Analytics set the X-Frame-Options Response Header with a value of "SAMEORIGIN" when the environment does not include a Web Server.
Environment
Cognos Analytics
No Web Server
Diagnosing The Problem
When reviewing the HTTP sessions requests and responses, the X-Frame-Options response header is not set.
Resolving The Problem
For best practices, we suggest that customers use a Web Server, SSO, distributed environment with load balancing ,etc. And the extra headers can be added in Web Server configuration by the Web Server Administrator.
If the Business would still want to do it without a Web Server, here are the steps:
1. In Portal, go to Manage -> Configuration -> System , expand Advanced Settings .
2. Under the Custom settings , add the following two keys:
Key: BIHeaderFilter.responseHeaders
Value: [{"name":"X-FRAME-OPTIONS","va
Key: BIResponseWrapper.staticExpire
Value: 7
(This setting will set the value for the HTTP response Headers "Expires” and “max-age” when responding to GET requests for static content.. They can change it as needed.)
3. Click Save. Wait a minute, refresh the page.
The header X-FRAME-OPTIONS: SAMEORIGIN will be set in all response headers.
Was this topic helpful?
Document Information
Modified date:
02 November 2018
UID
ibm10738575