fix(ui5_create_app): Add test/preview.html with frame-options="allow"

akudev · matz3 · commit 4826acd1a337 · 2026-01-19T16:52:53.000+01:00
For preview in dev environments embedding the app in a frame
diff --git a/resources/template-js/webapp/test-lt1_124/preview.html b/resources/template-js/webapp/test-lt1_124/preview.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate" />
+		<meta http-equiv="Pragma" content="no-cache" />
+		<meta http-equiv="expires" content="0" />
+		<meta charset="utf-8" />
+
+		<title>UI5 Application: <%= namespace %></title>
+
+		<!-- The 'data-sap-ui-frameOptions="allow"' in the UI5 bootstrap is a NON-SECURE setting for test environments -->
+		<script
+			id="sap-ui-bootstrap"
+			src="https://<%= cdnDomain %>/<%= frameworkVersion %>/resources/sap-ui-core.js"<% if (gte1_120_0) { %>
+			data-sap-ui-resource-roots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-on-init="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compat-version="edge"
+			data-sap-ui-frame-options="allow"<% } else { %>
+			data-sap-ui-theme="<%= defaultTheme %>"
+			data-sap-ui-resourceroots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-onInit="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compatVersion="edge"
+			data-sap-ui-frameOptions="allow"<% } %>
+			data-sap-ui-async="true"
+		></script>
+	</head>
+
+	<body class="sapUiBody">
+		<div data-sap-ui-component data-name="<%= appId %>"></div>
+	</body>
+</html>
diff --git a/resources/template-js/webapp/test/preview.html b/resources/template-js/webapp/test/preview.html
@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html>
+	<head>
+		<meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate" />
+		<meta http-equiv="Pragma" content="no-cache" />
+		<meta http-equiv="expires" content="0" />
+		<meta charset="utf-8" />
+
+		<title>UI5 Application: <%= namespace %></title>
+
+		<!-- The 'data-sap-ui-frameOptions="allow"' in the UI5 bootstrap is a NON-SECURE setting for test environments -->
+		<script
+			id="sap-ui-bootstrap"
+			src="https://<%= cdnDomain %>/<%= frameworkVersion %>/resources/sap-ui-core.js"<% if (gte1_120_0) { %>
+			data-sap-ui-resource-roots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-on-init="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compat-version="edge"
+			data-sap-ui-frame-options="allow"<% } else { %>
+			data-sap-ui-theme="<%= defaultTheme %>"
+			data-sap-ui-resourceroots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-onInit="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compatVersion="edge"
+			data-sap-ui-frameOptions="allow"<% } %>
+			data-sap-ui-async="true"
+		></script>
+	</head>
+
+	<body class="sapUiBody">
+		<div data-sap-ui-component data-name="<%= appId %>"></div>
+	</body>
+</html>
diff --git a/resources/template-ts/webapp/test-lt1_124/preview.html b/resources/template-ts/webapp/test-lt1_124/preview.html
@@ -0,0 +1,36 @@
+<!doctype html>
+<html>
+	<head>
+		<meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate" />
+		<meta http-equiv="Pragma" content="no-cache" />
+		<meta http-equiv="expires" content="0" />
+
+		<meta charset="utf-8" />
+
+		<title>UI5 Application: <%= namespace %></title>
+
+		<!-- The 'data-sap-ui-frameOptions="allow"' in the UI5 bootstrap is a NON-SECURE setting for test environments -->
+		<script
+			id="sap-ui-bootstrap"
+			src="https://<%= cdnDomain %>/<%= frameworkVersion %>/resources/sap-ui-core.js"<% if (gte1_120_0) { %>
+			data-sap-ui-resource-roots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-on-init="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compat-version="edge"
+			data-sap-ui-frame-options="allow"<% } else { %>
+			data-sap-ui-theme="<%= defaultTheme %>"
+			data-sap-ui-resourceroots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-onInit="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compatVersion="edge"
+			data-sap-ui-frameOptions="allow"<% } %>
+			data-sap-ui-async="true"
+		></script>
+	</head>
+
+	<body class="sapUiBody">
+		<div data-sap-ui-component data-name="<%= appId %>"></div>
+	</body>
+</html>
diff --git a/resources/template-ts/webapp/test/preview.html b/resources/template-ts/webapp/test/preview.html
@@ -0,0 +1,36 @@
+<!doctype html>
+<html>
+	<head>
+		<meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate" />
+		<meta http-equiv="Pragma" content="no-cache" />
+		<meta http-equiv="expires" content="0" />
+
+		<meta charset="utf-8" />
+
+		<title>UI5 Application: <%= namespace %></title>
+
+		<!-- The 'data-sap-ui-frameOptions="allow"' in the UI5 bootstrap is a NON-SECURE setting for test environments -->
+		<script
+			id="sap-ui-bootstrap"
+			src="https://<%= cdnDomain %>/<%= frameworkVersion %>/resources/sap-ui-core.js"<% if (gte1_120_0) { %>
+			data-sap-ui-resource-roots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-on-init="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compat-version="edge"
+			data-sap-ui-frame-options="allow"<% } else { %>
+			data-sap-ui-theme="<%= defaultTheme %>"
+			data-sap-ui-resourceroots='{
+				"<%= appId %>": "../"
+			}'
+			data-sap-ui-onInit="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compatVersion="edge"
+			data-sap-ui-frameOptions="allow"<% } %>
+			data-sap-ui-async="true"
+		></script>
+	</head>
+
+	<body class="sapUiBody">
+		<div data-sap-ui-component data-name="<%= appId %>"></div>
+	</body>
+</html>
diff --git a/test/expected/create_ui5_app/com.test.apiapp/webapp/test/preview.html b/test/expected/create_ui5_app/com.test.apiapp/webapp/test/preview.html
@@ -0,0 +1,29 @@
+<!doctype html>
+<html>
+	<head>
+		<meta http-equiv="Cache-control" content="no-cache, no-store, must-revalidate" />
+		<meta http-equiv="Pragma" content="no-cache" />
+		<meta http-equiv="expires" content="0" />
+
+		<meta charset="utf-8" />
+
+		<title>UI5 Application: com.test.apiapp</title>
+
+		<!-- The 'data-sap-ui-frameOptions="allow"' in the UI5 bootstrap is a NON-SECURE setting for test environments -->
+		<script
+			id="sap-ui-bootstrap"
+			src="https://ui5.sap.com/1.136.0/resources/sap-ui-core.js"
+			data-sap-ui-resource-roots='{
+				"com.test.apiapp": "../"
+			}'
+			data-sap-ui-on-init="module:sap/ui/core/ComponentSupport"
+			data-sap-ui-compat-version="edge"
+			data-sap-ui-frame-options="allow"
+			data-sap-ui-async="true"
+		></script>
+	</head>
+
+	<body class="sapUiBody">
+		<div data-sap-ui-component data-name="com.test.apiapp"></div>
+	</body>
+</html>
diff --git a/test/lib/tools/create_ui5_app/snapshots/create_ui5_app.integration.ts.md b/test/lib/tools/create_ui5_app/snapshots/create_ui5_app.integration.ts.md
@@ -48,6 +48,7 @@ Generated by [AVA](https://avajs.dev).
         'webapp/test/integration/HelloJourney.ts',
         'webapp/test/integration/opaTests.qunit.ts',
         'webapp/test/integration/pages/MainPage.ts',
+        'webapp/test/preview.html',
         'webapp/test/Test.qunit.html',
         'webapp/test/testsuite.qunit.html',
         'webapp/test/testsuite.qunit.ts',
@@ -103,6 +104,7 @@ Generated by [AVA](https://avajs.dev).
         'webapp/test/integration/HelloJourney.js',
         'webapp/test/integration/opaTests.qunit.js',
         'webapp/test/integration/pages/Main.js',
+        'webapp/test/preview.html',
         'webapp/test/Test.qunit.html',
         'webapp/test/testsuite.qunit.html',
         'webapp/test/testsuite.qunit.js',
diff --git a/test/lib/tools/create_ui5_app/snapshots/create_ui5_app.integration.ts.snap b/test/lib/tools/create_ui5_app/snapshots/create_ui5_app.integration.ts.snap
