SAP ABAP Data Element O2SECURITY (Activate XSRF Countermeasures for Application)
Hierarchy
☛
SAP_BASIS (Software Component) SAP Basis Component
⤷
BC-DWB-TOO-WAB (Application Component) Web Application Builder
⤷
SO2_DBLAYER (Package) mySAP Application Server Pages: Database Layer
SAP_BASIS (Software Component) SAP Basis Component⤷
BC-DWB-TOO-WAB (Application Component) Web Application Builder⤷
SO2_DBLAYER (Package) mySAP Application Server Pages: Database Layer
Basic Data
| Data Element | O2SECURITY |
| Short Description | Activate XSRF Countermeasures for Application |
Data Type
| Category of Dictionary Type | Direct Type Entry | |
| Type of Object Referenced | No Information | |
| Domain / Name of Reference Type | ||
| Data Type | CHAR | Character String |
| Length | 1 | |
| Decimal Places | 0 | |
| Output Length | 1 | |
| Value Table |
Further Characteristics
| Search Help: Name | ||
| Search Help: Parameters | ||
| Parameter ID | ||
| Default Component name | ||
| Change document | ||
| No Input History | ||
| Basic direction is set to LTR | ||
| No BIDI Filtering |
Field Label
| Length | Field Label | |
| Short | 5 | XSRF |
| Medium | 10 | XSRF |
| Long | 15 | XSRF Protection |
| Heading | 20 | XSRF Protection |
Documentation
Definition
Indicator as to whether countermeasures against XSRF attacks should be activated for this BSP application.
Use
Activate this checkbox if the BSP application is to protected against XSRF attacks.
In order for the protection to be successful, you also need to mark one or more pages as non-critical start pages ("Start BSP"). These pages must not immediately execute any critical actions (status changes in the application server such as DB updates, for example).
Dependencies
A "Page with Flow Logic" or a "Controller" can be marked as a start page for this page/controller by activating the checkbox "Start BSP" on the "Properties" tab in the Web Application Builder.
Example
History
| Last changed by/on | SAP | 20110908 |
| SAP Release Created in |
