Posted: 9 Jun 2017 0:55 EDT Last activity: 9 Jun 2017 1:08 EDT
Need Help! In fixing the Cross Frame Scripting vulnerability in Pega Application
Could you help us in providing the steps to avoid the "Cross Frame Scripting" . Following one more thread understood this is handled in Pega 7 , could you please explain the steps or any little insights in fixing the issue.
Can you please let us know what is the PRPC version you are using?
Starting from PRPC 7.2.1 you can find the DSS with setting purpose as Http/ResponseHeaders to add or modify the custom headers where you can add X-FRAME-OPTIONS header in PRPC application and provide the value based on your security needs.
You can refer the following link on how to add the custom headers: