ThinClientFraming

Part of Setup.INI, in your installation folder.
This property is not part of the Application Configuration dialog.

Restricts the locations which may place the thin client pages within an iframe.

Accepted values:

'none':

Quotes included, this specifies nothing may place the thin clients within an iframe.

'self':

Quotes included, this specifies only VTScada itself may place the thin client within an iframe. This requires protocol scheme and port numbers on the system to be identical.

A space separate list of hosts:

No quotes should be present. This list of hosts will be allowed to place the thin client within an iframe. The list format follows that accepted by Content-Security-Policy headers.

 

The recommended value is 'none', which offers the greatest level of protection. If a list of hosts is specified, they should be as restrictive as possible for the application to ensure malicious sources can not conduct UI redress attacks.

 

Section: System

Default: ThinClientFraming = 'none'