From: jegadeeshbabu3 <jegadeesh.babu@att.com>
Date: Tue, 18 Aug 2020 12:34:38 +0000 (+0530)
Subject: Changed X-Frame attribute value to sameorigin
X-Git-Tag: 3.4.0~21
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=portal.git;a=commitdiff_plain;h=901a450ade57f991ad05acf66baf37cfd521ea02

Changed X-Frame attribute value to sameorigin

Tweaked response header

Issue-ID: PORTAL-980
Change-Id: I659be73675f36027f54b2a65d5b99013d74a43ca
Signed-off-by: jegadeeshbabu3 <jegadeesh.babu@att.com>
---

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
index 9f125b75..ae08a34b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/config/ExternalSecurityConfig.java
@@ -69,6 +69,11 @@ public class ExternalSecurityConfig extends WebSecurityConfigurerAdapter {
 				return false;
 			}
 		};
+		
+		
+		//Added this code to enable Raptor charts within Iframe
+		http.headers().frameOptions().sameOrigin();
+		
 		if(MusicUtil.isMusicEnable())
 			http.csrf().csrfTokenRepository(MusicCookieCsrfTokenRepository.withHttpOnlyFalse()).requireCsrfProtectionMatcher(csrfRequestMatcher);
 		else