使用iframe< x-frame-options>访问网站。
我需要让 https://web.whatsapp.com 通过iframe嵌入在我的网站中。我得到x-frame-options的错误。我使用Express Server,并尝试使用Helmet:
app.use(
helmet.frameguard({
action: "sameorigin",
})
)
似乎不起作用。与deny相同。我读到允许从中不再支持Chrome浏览器。是否有机会绕过或允许x-frame-options接受某些起源? (也许还有其他选择如何嵌入 https://web.whatsapp.com 到我的网站?) 。
I need to have https://web.whatsapp.com embedded in my website via iframe. I get the error of X-Frame-Options. I use express server and I tried to configure it with helmet:
app.use(
helmet.frameguard({
action: "sameorigin",
})
)
Doesn't seem to work. Same with deny. I read that ALLOW-FROM is not supported in Chrome browser anymore. Is there any chance to bypass or allow X-Frame-Options to accept certain origins? (Maybe there is any other options how to embed https://web.whatsapp.com to my website?).
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
X框架选项可防止一个站点被构造。由于web.whatsapp.com阻止了框架,除非您代理连接并删除标题,否则您无能为力。将标题添加到网站框架中,另一个不会改变任何东西。
X-Frame-Options prevents a site from being framed. As web.whatsapp.com prevents framing, there is nothing you can do to allow it being framed, unless you proxy the connection and remove headers. Adding headers to the site framing the other won't change anything.