问题描述
我正在努力解决 X-Frame-Options: SAMEORIGIN 对某些页面的限制,以便我可以将它们放入 iframe.
I am struggling to get around X-Frame-Options: SAMEORIGIN restriction on some pages so I can put them in an iframe.
我知道可以使用反向代理服务器来解决这个问题,但我不确定如何.
I understand that one can use a reverse proxy server to get around that, but I am not sure how.
我需要为一些在 iframe 中有一些外部页面的大厅监视器创建一个触摸屏界面.我这样做是为了将所有内容都打包在同一个 ui 下.所以理想情况下并不是所有的页面都应该使用反向代理.
what I need is to create a touch screen interface for some lobby monitors that would have some external pages in an iframe. I do this to keep everything packed under the same ui. So ideally not all pages should use the reverse proxy.
任何人都可以抛出一些光,最好举个例子吗?
can anyone throw some light, with an example preferably ?
谢谢
推荐答案
下面的 nginx 配置代码可能适合您.它对客户端隐藏了x-frame-options".
This nginx config code below might work for you. It hides the 'x-frame-options' from the client.
server {
listen 80;
server_name my-lobby-app.com;
location / {
proxy_pass http://other-site.com
proxy_set_header Host other-site.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_hide_header 'x-frame-options';
}
}
这篇关于如何使用反向代理绕过 X-Frame-Options: SAMEORIGIN for iframe的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!