Global security settings
In the Security settings dashboard you can create and maintain a list of secure sites in which Infor BI Dashboards can be embedded. The purpose of this is to protect against UI redress attacks (Clickjacking). In a clickjacking attack, links that enable information to be sent to an attacker's server are disguised as valid links. A user may thus unwittingly submit sensitive information to an attacker.
To protect against clickjacking, headers that are sent in response to HTTP requests are configured with the URLs of the specified secure sites. Response headers are automatically configured with the sites that you list.
The Infor Ming.le and Infor Homepages URLs are preconfigured as secure sites.
Permission to maintain the list can be restricted to system tenants. In that case, the options to maintain the list are read-only for standard tenants.
Optionally, you can specify that users can open Infor BI Dashboards only from a secure site.