Troubleshooting
Problem
When you apply Cognos fixpack 10.2.2.2 or higher, the Cognos reports on the OpenPages homepage report tabs cannot be opened on Google Chrome.
Symptom
When you navigate to one of the report tabs in the OpenPages homepage, you get a blank result. If you open the console of Google Chrome developer tool, you find an error message like:
Refused to display 'http://cognosserver:com:8090/ibmcognos/cgi-bin/cognos.cgi' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
Cause
Cognos FixPack 10.2.2.2 introduced an HTTP response header for security reason, which prevents OpenPages from embedding cognos reports.
Resolving The Problem
In order to resolve this, you need to configure the Cognos gateway to trust OpenPages web site by updating the HTTP response headers.
- When the cognos gateway is run on Apache or IBM HTTP Server
- Open httpd.conf file for the server
- Append the following 3 lines where you need to substitute the URL with your OpenPages external URL ( without path ):
- Save the file and restart the server
- When the cognos gateway is run on Internet Information Server
- Append Content-Security-Policy header
- Open Internet Information Service(IIS) Manager
- Navigate to the Web Site node for the cognos gateway
- Double click HTTP Response Header feature
- Select Add… from Actions panel
- Set values like here:
- Name : Content-Security-Policy
- Value : frame-ancestors 'self' http://<opserver name>:<opserver port>/;
where you need to substitue the URL with your OpenPages external URL ( without path ). Note that you cannot include upper case characters in the <opserver name>. Use lower case characters instead. - Update X-Frame-Options header
- Install URL Rewrite extension to IIS. It is downloadable here:
https://www.iis.net/downloads/microsoft/url-rewrite - Open Internet Information Service(IIS) Manager
- Navigate to the Web Site node for the cognos gateway
- Confirm URL Rewrite feature is available and double click it
- Select View Server Variables… from Actions panel
- Add a server variable : RESPONSE_X-Frame-Options
- Select Back to Rules from Actions panel
- Select Add Rule… from Actions panel
- Select Outbound rules > Blank rule and click OK
- Assign name to the rule such as x-frame-options
- Fill the rule like the following example:
Note that substitue the hostname, port number in the Action properties value with your OpenPages external URL. Note that you cannot include upper case characters in the hostname. Use lower case characters instead. - Restart the Website from the Actions panel
LoadModule headers_module modules/mod_headers.so Header always set Content-Security-Policy "frame-ancestors 'self' http://<opserver name>:<opserver port>/;" Header always set X-Frame-Options "ALLOW-FROM http://<opserver name>:<opserver port>/" |
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21993634