X-Frame-Options & iframe & CORS
X-Frame-Options & iframe & CORS
https://github.com/xgqfrms/FEIQA/issues/23
X-Frame-Options
iframe & CORS
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
bug
Uncaught DOMException: Blocked a frame with origin "null" from accessing a cross-origin frame.
sandbox
iframe & mdn
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
const showDOM = (url = ``) => {
let iframeBox = $qs(`[data-img-box="empty-iframe-page-box"]`);
let no_data = `
<p data-no-data="p">
<span data-no-data="span">暂无数据</span>
</p>
`;
try {
if (url) {
let iframe = document.createElement(`iframe`);
iframe.src = url;
// sandbox
// srcdoc
iframe.style.height = `100%`;
iframe.style.width = `100%`;
iframe.style.minHeight = `300px`;
iframe.style.minWidth = `500px`;
iframe.setAttribute(`sandbox`, `allow-scripts`);
iframe.setAttribute(`sandbox`, `allow-scripts`);
iframe.setAttribute(`data-iframe`, `empty-iframe-page`);
iframe.setAttribute(`name`, `页面空模块`);
if (iframeBox) {
iframeBox.innerHTML = "";
iframeBox.insertAdjacentElement(`beforeend`, iframe);
}
}
} catch (err) {
// no data
iframeBox.innerHTML = "";
iframeBox.insertAdjacentHTML(`beforeend`, no_data);
throw new Error(`fetch image error`, err);
}
};
https://community.tableau.com/thread/157316
https://github.com/jeduan/cordova-plugin-facebook4/issues/323
https://stackoverflow.com/questions/6666423/overcoming-display-forbidden-by-x-frame-options#answer-7469997
https://developer.salesforce.com/forums/?id=906F00000009BRJIA2
https://blogs.msdn.microsoft.com/ie/2009/01/27/ie8-security-part-vii-clickjacking-defenses/
好像是服务器为了防止点击劫持,而设置的.
X-Frame-Options
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options#Configuring_Apache
OK
https://cn.bing.com/?intlF=&ensearch=1
x-frame-options: DENY
https://developer.mozilla.org/en-US/docs/Web/CSS/calc
iframe & HTTPS & CORS
https://iframe.xgqfrms.xyz/eapp/index.html#blog.sina.cn
xgqfrms 2012-2020
www.cnblogs.com 发布文章使用:只允许注册用户才可以访问!
最新文章
- pod install后无反应
- UML简介
- Android SDK在线更新镜像服务器大全
- PowerShell让系统可以执行.ps1文件
- matlab inpolygon 判断点在多边形内
- QF——iOS沙盒机制
- Appium0.18.x迁移到Appium1.x须知事项(灰常实用,解答了本人几个疑问)
- HTML输入框只能输入数字或数字字母组合
- hdu_3746: Cyclic Nacklace
- 4.QT中进程操作,线程操作
- ABP给WebApi添加性能分析组件Miniprofiler
- 关于OSI
- java 注解默认值
- Linux-IO重定向与管道
- ES6中变量解构的用途—遍历Map结构
- 【FindReport】图表快速部署开发
- Volley下载图片存放在data/data下 networkImageView lrucache
- jQuery的基本事件
- 可跨平台C++开源图形图像框架:openFrameworks
- 选择排序的JavaScript实现