Hello , I have the below scenario from one of our customers and its beyond my understanding ... It would be a great help if it is within your scope and if you could shed some light.
The issue was that the URL being used by the data center 1 branches was routed by Wide IP (perhaps Big IP) to data center 2 but the PP(our application) pod rejected the request due to having only data center 2 in its “white list”.
Getting further into the details, by white list they meant the XFrameOption in PP(our application) which was set to an “ALLOW FROM” value for the data center 2 URL.
Does anyone know how the XFrameOption is supposed to be set in an Active Active scenario? Or perhaps there is something else that should be doing something else to make that XFrameOption work?
And is this of any relevance ,
https://docs.oracle.com/goldengate/c1230/gg-winux/OGGSE/communications-security.htm#OGGSE-GUID-221CBC94-860C-4842-BF31-4… ( 4.4 HTTP Security and Cache Headers )
please help shed some light if this is something of concern and to be noted while configuring Active-Active in any way (i hope not but just in case) ...
This is not a replication issue per se. You can view the reply back from the server about the rejected URL. Google how to view HTTP headers in chrome. You will see the x-frame-option returned as to why.
Now the server (hosting your PP application) can set this even without a header as this is optional. But that may violate the security of the application. You will not get a lot of help in the OGG forum for this.