Internal Server Error when accessing package pages

This is for:

Developer System Administrator
In this article

Symptoms

When accessing a Coveo for Sitecore package page, you encounter a 500 - Internal Server Error.

Cause

The Coveo for Sitecore package specifies the SAMEORIGIN value for the X-Frame-Options HTTP response header in some of its pages. This directive conflicts with the DENY directive that Sitecore sets by default for that header. Sometimes, especially in Microsoft Azure environments, this conflict can cause a 500 - Internal Server Error when trying to access pages such as /coveo/rest.

Resolution

This issue is scheduled to be fixed in the next Coveo for Sitecore release.

Workaround

You can remove the X-Frame-Options HTTP response header directive from all Coveo for Sitecore package web.config files.

  1. Open the <SITECORE_INSTANCE_ROOT>\Coveo\Rest\Web.config file in a text editor.

  2. Locate and delete the <httpProtocol> element and its content:

    <httpProtocol>
  <customHeaders>
    <add name="X-Frame-Options" value="SAMEORIGIN" />
  </customHeaders>
</httpProtocol>

  3. Save your changes.

  4. Repeat these steps for all other Coveo for Sitecore package web.config files, specifically:

    • <SITECORE_INSTANCE_ROOT>\Coveo\Hive\init\Web.config**

    • <SITECORE_INSTANCE_ROOT>\Coveo\Hive\search box init\Web.config**

    • <SITECORE_INSTANCE_ROOT>\Coveo\Hive\templates\Web.config**

    • <SITECORE_INSTANCE_ROOT>\layouts\Coveo Hive\Web.config**

    • <SITECORE_INSTANCE_ROOT>\Views\Coveo Hive\Web.config**

  5. If you’re using Coveo for Sitecore SXA, repeat these steps to remove the <httpProtocol> element from the <SITECORE_INSTANCE_ROOT>\Areas\CoveoHiveSxa\Views\Web.config file.