White screen when web browser loads the CA Service Desk Manager html forms using Chrome. Conflicting values for X-Frame-Options SAMEORIGIN and GOFORIT are detected by Chrome.

Article Id: 19576

Status: Published

Updated On: 21-03-2018 07:16

Legacy Id: TEC602345

Products:

CA IT Asset Manager , CA Software Asset Manager (CA SAM) , ASSET PORTFOLIO MGMT- SERVER , SUPPORT AUTOMATION- SERVER , CA Service Desk Manager - Unified Self Service , KNOWLEDGE TOOLS , CA Service Management - Asset Portfolio Management , CA Service Management - Service Desk Manager

Issue/Introduction:

Description:

Google Chrome version 31 reports that it is reverting to DENY when both SAMEORIGIN and GOFORIT are specified for X-Frame-Options.

Only use SAMEORIGIN. Remove GOFORIT.

Solution:

Review the X-Frame-Options in the configuration for IIS or Tomcat. Resolve any conflict.

The steps to configure the IIS web server are outlined in the following Microsoft article:
http://support.microsoft.com/kb/2694329

The configuration for the Tomcat web server for CA Service Desk Manager is contained in the file named:

 	web.xml

That file exists at:

 	$NX_ROOT\bopcfg\www\CATALINA_BASE\webapps\CAisd

You may find that SAMEORIGIN is specified in that file. However, it should not contain GOFORIT.

Note: It is possible that X-Frame-Options are set in the Apache server's httpd.conf, or via a Chrome add-on.

Environment:

Release:
Component: ARGIS