发表新帖
发表新帖

iframe and external website

前端 未结
关注
4 1647
春和景丽
春和景丽 2021-02-01 06:12

So I have this code:

and the l

相关标签:
4条回答
  • 旧时难觅i
    2021-02-01 06:19

    If you run the code snippet below:

    <iframe src="https://www.youtube.com"></iframe>

    Then look at dev tools, it will throw the error:

    Refused to display 'https://www.youtube.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

    This is because the site you are trying to access limits embedding (via iframe, frame, embed, object) to the same origin using the X-Frame-Options header. So youtube.com can load iframes with youtube.com pages just fine, but nobody else can. Only site admins for the embedded site can change that setting.

    If you have admin for the site you are embedding, you can whitelist the the host site:

    X-Frame-Options: allow-from https://my-host-site.com/

    This has to be sent as a HTTP Header by the server of the page you are trying to embed. It will not work as a meta tag inside the HTML head. This is how the browser knows the site you are embedding ok'd the site that is hosting to show the page in the iframe.

    0 讨论(0)
  • 南笙
    2021-02-01 06:23

    You are probably experiencing the same issues I am having, Most likely the iframe is being blocked by the X-frame-options or being blocked by the Deny property. For example if you access facebook from an outside source it will come back with a DENY response in google chrome

    0 讨论(0)
  • 遇见更好的自我
    2021-02-01 06:35

    It appears to be a youtube-only problem; src="http://www.mozilla.org" works for me in your code. If you want to display youtube videos in iframes, they'll probably want you to use "embed" option on the video page?

    0 讨论(0)
  • 不知归路
    2021-02-01 06:36

    The reason why external websites such as:

    1. youtube.com
    2. google.com
    3. stackoverflow.com
    4. etc.

    are not loading in your frame, is because they are intentionally leveraging some sort of Frame Killer.

    Example (uses jQuery):

    <style> html{display:none;} </style>
<script type="text/javascript">
    $(document).ready(function () {
        if(window.self == window.top) {
            document.documentElement.style.display = 'block'; }
        else {
       window.top.location = window.self.location; }
    });
</script>

    Suggested reading:

    • Framekiller (Wikipedia)
    • Busting a tough FRAME killer
    0 讨论(0)
 看不清?
提交回复
热议问题