Guest

Preview Tool

Cisco Bug: CSCul11431 - Configure options for webapps to selectively set X-Frame-Options

Last Modified

May 04, 2016

Products (1)

  • Cisco Unified Communications Manager (CallManager)

Known Affected Releases

8.6(2.22031.1)

Description (partial)

Symptom:

The web interface responses make use of HTTP X-Frame-Options header (set to SAMEORIGIN) which helps prevents clickjacking attacks as per CSCuf17710
However, some webapps have features that do not work with X-Frame-Options header set to SAMEORIGIN and thus would need to skip this filter


Conditions:

Default Configuration

Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.