SSRS2022 Custom Header Problem

Wilson Shen 0

Hi Guys,

I found SSRS2022 16.0.1116.12 Custom Headers

<Pattern>(?(?=((?![?]).)*api.*|.*rs:embed=true.*|.*rc:toolbar=false.*)(^((?!(.+)((\/api)|(\/(.+)(rs:embed=true|rc:toolbar=false)))).*$))|(^(?!(http|https):\/\/([^\/]+)((\/powerbi.*$)|(.*OpType=Calendar.*)))))</Pattern> <Value>SAMEORIGIN</Value> </Header> <Header> <Name>X-Content-Type-Options</Name> <Pattern>.*((\.js$)|(\.css$)|(\.html$))</Pattern> <Value>nosniff</Value> </Header> </CustomHeaders>

doesn't same as

https://zcusa.951200.xyz/en-us/sql/reporting-services/tools/server-properties-advanced-page-reporting-services?view=sql-server-ver15#options

descripted !

User's image

And which one is correct ?

Regards,

Wilson

1 answer

ZoeHui-MSFT 39,496 Reputation points

2025-01-07T06:38:51.13+00:00
Hi @Wilson Shen，

As said in the documentation,

By default in Reporting Services 2019, there are no custom headers and the value is blank like shown in my environment.

By default in Power BI Report Server January 2020 and later, the value is:

<CustomHeaders> <Header> <Name>X-Frame-Options</Name> <Pattern>(?(?=.*api.*|.*rs:embed=true.*|.*rc:toolbar=false.*)(^((?!(.+)((\/api)|(\/(.+)(rs:embed=true|rc:toolbar=false)))).*$))|(^(?!(http|https):\/\/([^\/]+)\/powerbi.*$)))</Pattern> <Value>SAMEORIGIN</Value> </Header> </CustomHeaders>

Which is different between SSRS and PBIRS.

Regards，

Zoe Hui

If the answer is helpful, please click "Accept Answer" and upvote it.
Please sign in to rate this answer.
Wilson Shen 0 Reputation points

2025-01-09T02:17:06.7566667+00:00

Hi ZoeHui-MSFT,

Thank for your kindly support!

Actually SSRS 2022 Support Custom Headers!

My question is ： SSRS 2022 16.0.1116.12 ( not PBIRS ) DEFAULT Custom Headers

X-Frame-Options <Pattern> begin with NEGATIVE criteria ：(?(?=**((?![?]).)***api

Which is not same as document mentioned !

Regarsd,

Wilson

ZoeHui-MSFT 39,496 Reputation points

2025-01-10T07:46:12.5933333+00:00

Hi @Wilson Shen，

As said in the documentation, the default SSRS 2022 Support Custom Headers should be blank.

So the value in your environment should be added by other members.

If it works fine in your test, you can ignore the difference.

Wilson Shen 0 Reputation points

2025-01-14T06:16:47.55+00:00

Hi ZoeHui,

Thank you for your kind support.

We are in the process of creating a new SSRS 2022 ReportServer database. However, we noticed that the default value for the Custom Headers is not blank.

Our question is: why is the default value of Custom Headers different from what is described in the documentation? The documentation only mentions that the default value is blank in SSRS 2019, but it does not clarify the blank default value for SSRS 2022.

Could you please provide further clarification on this matter?

And whith regex is correctly ?

Thank you in advance for your assistance!

Best regards,
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

SSRS2022 Custom Header Problem

1 answer

Your answer