Spring Security iFrame 'X-Frame-Options' to 'deny'
2018-03-21 23:17
447 查看
报错信息如下:
Refused to display ‘http://localhost:8080/msc/ordertype’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
原因:
Spring-Security 默认是设置了这个 “X-Frame-Options” 属性为DENY
解决:在http配置中设置
X-Frame-Options:
他的值有三个:
(1)DENY — 表示该页面不允许在 frame 中展示,即便是在相同域名的页面中嵌套也不允许。
(2)SAMEORIGIN — 表示该页面可以在相同域名页面的 frame 中展示。
(3)ALLOW-FROM https://example.com/ — 表示该页面可以在指定来源的 frame 中展示。
Refused to display ‘http://localhost:8080/msc/ordertype’ in a frame because it set ‘X-Frame-Options’ to ‘deny’.
原因:
Spring-Security 默认是设置了这个 “X-Frame-Options” 属性为DENY
解决:在http配置中设置
<http auto-config="true" use-expressions="true"> <headers> <frame-options policy="SAMEORIGIN"/> </headers> </http>
X-Frame-Options:
他的值有三个:
(1)DENY — 表示该页面不允许在 frame 中展示,即便是在相同域名的页面中嵌套也不允许。
(2)SAMEORIGIN — 表示该页面可以在相同域名页面的 frame 中展示。
(3)ALLOW-FROM https://example.com/ — 表示该页面可以在指定来源的 frame 中展示。
相关文章推荐
- spring boot 异常Refused to display in a frame because it set 'X-Frame-Options' to 'DENY'
- 浏览器IFrame出Refused to display 'URL' in a frame because it set 'X-Frame-Options' to 'DENY' 的错
- 浏览器IFrame出Refused to display 'URL' in a frame because it set 'X-Frame-Options' to 'DENY' 的错
- ueditor上传图片报'X-Frame-Options' to 'DENY'
- BUG: in a frame because it set 'X-Frame-Options' to 'deny'
- .NET MVC Iframe 'X-Frame-Options' to 'SAMEORIGIN' 解决办法
- in a frame because it set 'X-Frame-Options' to 'DENY'.
- Refused to display in a frame because it set 'X-Frame-Options' to 'DENY'的解决办法
- Spring Security:Refused to display 'http://**' in a frame because it set 'X-Frame-Options' to 'deny'
- Rails 使用iframe报错:IFRAME: Refused to display document because display forbidden by X-Frame-Options
- X-Frame-Options Spring Security 跨域访问问题!
- upgrade to Spring-Security 4.X后的登录问题
- spring-security 关闭“禁止iframe调用”
- onfiguration problem: Unable to locate Spring NamespaceHandler for XML schema namespace [http://www.springframework.org/schema/security]
- Upgrading to Spring Security 2.0(zz)
- saiku - 配置spring-security 允许 iframe加载saiku首页
- How to change GrantedAuthority dynamically in Spring Security framework
- How to use JDBC-Authentication of Spring Boot/Spring Security with Flyway
- Please complete the security check to access www.springframework.org
- 使用 X-Frame-Options 防止被iframe 造成跨域iframe 提交挂掉