By default, the Remote
services application in Rational® Publishing Engine 1.2.1.1
is configured to prevent framing of content to avoid clickjacking.
Clickjacking is the framing of a web page with controls that the user
cannot see. When those controls are clicked, the user is directed
to some other web page. If you organization changes the framing of
content for other purposes, you can change the setting so that framing
can be implemented by you, but not from an outside source.
Procedure
- Open the administrative console in a browser. Example: http://server:port/ibm/console/logon.jsp
- Click .
- Click the rpews.war application.
- Click Initialize parameters for servlets.
- Click the xFrameOptionsMode parameter.
- Enter one of the following values:
- DENY: Content cannot be framed by any
site.
- SAMEORIGIN: Content can be framed by
the current site.
If a value is not entered, DENY is
used. If a value other than DENY or SAMEORIGIN is
entered, the value is ignored and DENY is used.
- Click OK to save the changes.
- Restart the Remote services application.