Refused to display ‘https://yourdomain.com/‘ in a frame because it set ‘X-Frame-Options‘ to ‘deny‘.
Refused to display 'https://yourdomain.com/' in a frame because it set 'X-Frame-Options' to 'deny'. 使用的 iframe 框架,访问时被防点击劫持拦截了
·
后台使用的 iframe 框架,访问时被防点击劫持拦截了,如下提示:
Refused to display 'https://jky.hnxcp.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
web.config增加如下代码
<configuration>
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="X-Frame-Options" value="SAMEORIGIN" />
</customHeaders>
</httpProtocol>
</system.webServer>
</configuration>PHP 尝试:
header('X-Frame-Options: SAMEORIGIN'); // 允许同一来源的框架嵌入
header_remove('X-Frame-Options');
header('X-Frame-Options: ALLOW-FROM http://example.com');
header('Content-Security-Policy: frame-ancestors 'self'');
ini_set('allow_url_fopen', 1);
ini_set('allow_url_include', 1);php.ini
allow_url_fopen = On
allow_url_include = On
技术共进,成长同行——讯飞AI开发者社区
更多推荐
3
0- 0
已为社区贡献6条内容
所有评论(0)