Solution : https://service.sap.com/sap/support/notes/853878 (SAP Service marketplace login required)
Key words :
cl_http_utility=>http_whitelist_ep_css_url cl_http_utility=>http_whitelist_sap_exiturl cl_http_utility=>http_whitelist_wda_resume_url, potentially execute unknown javascript code, add addition security feature, additional note assistent corrections, <html> <header> <css src=, central framework provided functionality, abap server received information, externally received themeroot url, function cl_http_utility=>check_http_whitelist, execute javascript files
Related Notes :
| 1274793 | BSP: HTTP WhiteList Check fails for port entries |
| 1261193 | |
| 1245560 | Composite SAP Note : XSS Documentation |
| 891232 | BSP Security Relevant Changes |
| 887322 | Whitelist checks of sap-exit URL |