问题
I have text input. My goal is when I enter url then hit enter. I want to open url in iframe. But some sites return an error. Is there a way to open a web page in iframe
Error message Refused to display 'https://www.mediamarkt.com.tr/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
回答1:
You won't be able to display https://www.mediamarkt.com.tr/ in iframe as server forbids rendering the page outside of its domain name.
Response Header X-Frame-Options indicates from which source(s) page should be able to render. As it is set to sameorigin only applications from https://www.mediamarkt.com.tr/ domain are allowed to display it in iframe.
This is security measure in order to prevent clickjacking attack which prevents users into being tricked to click something they shouldn't have.
You can find more on X-Frame-Options header on the following URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
More on clickjacking can be found here: https://owasp.org/www-community/attacks/Clickjacking
来源:https://stackoverflow.com/questions/63576904/angular-2-iframe-refused-to-display