Oracle Process Cloud Workspace is a web application that a user uses to interact with human activities in BPMN processes. It is a stand-alone web application in Oracle Integration Cloud Service (OICS). In some use cases, customers want to embed the Workspace application in an iframe of their own web page. Out of box, this is not possible because all HTTP responses from the Workspace have an X-Frame-Options header set to “sameorigin”. It does not allow browsers to embed response data into an iframe from a different domain.
This post demonstrates a work-around solution to this problem by using a proxy server. The idea is to use a proxy server (OHS or Apache) to remove or modify the X-Frame-Options header from all responses from the Workspace.
My demo environment, shown in the image below, includes an OHS server installed on localhost:7777. I have my OICS instance running on a VM. I have a simple test web page with an iframe installed on the OHS.
Let’s verify the problem exists first. The following two screen shots show the Workspace accessed directly without the proxy. Read the complete article here.
For regular information on Oracle PaaS become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.