{"id":529,"date":"2020-04-07T11:59:37","date_gmt":"2020-04-07T03:59:37","guid":{"rendered":"https:\/\/qtvz.com\/?p=529"},"modified":"2020-04-07T11:59:37","modified_gmt":"2020-04-07T03:59:37","slug":"web%e5%ae%89%e5%85%a8%e6%bc%8f%e6%b4%9e-%e4%b9%8b-x-frame-options%e5%93%8d%e5%ba%94%e5%a4%b4%e9%85%8d%e7%bd%ae","status":"publish","type":"post","link":"https:\/\/qtvz.com\/529.html","title":{"rendered":"Web Security Vulnerabilities: X-Frame-Options Response Header Configuration"},"content":{"rendered":"<!--wp-compress-html--><!--wp-compress-html no compression--><p>Original article: <a href=\"https:\/\/qtvz.com\/redirect\/aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3hwX2x4MS9hcnRpY2xlL2RldGFpbHMvODA2NzY2MzA=\" target=\"_blank\">https:\/\/blog.csdn.net\/xp_lx1\/article\/details\/80676630<\/a><\/p>\n<h4>Configure the HTTP response header: the header name is X-Frame-Options.<\/h4>\n<p>[Principle] There are two configurable parameters:<br \/>\nThe X-Frame-Options response header has three possible values:<br \/>\nDENY: the page cannot be embedded in any iframe or frame;<br \/>\nSAMEORIGIN: the page can only be embedded in an iframe or frame by pages of the same site;<br \/>\nALLOW-FROM: the page may be loaded in an iframe or frame from the specified origin.<\/p>\n<p>It is set on the server side as follows:<\/p>\n<p>Java code:<\/p>\n<pre><code class=\"language-java\">response.addHeader(&quot;x-frame-options&quot;,&quot;SAMEORIGIN&quot;);<\/code><\/pre>\n<p>Nginx configuration:<\/p>\n<pre><code class=\"language-java\">add_header X-Frame-Options SAMEORIGIN;<\/code><\/pre>\n<p>Apache configuration:<\/p>\n<pre><code class=\"language-java\">Header always append X-Frame-Options SAMEORIGIN<\/code><\/pre>\n<p>In general, choosing the second value (SAMEORIGIN) is sufficient.<\/p>\n<h4>[Steps]<\/h4>\n<h6>1. Create a package named filter under the src directory. In that package, create a class named FrameTao with the following content:<\/h6>\n<pre><code class=\"language-java\">package filter;\n\nimport java.io.IOException;\nimport javax.servlet.Filter;\nimport javax.servlet.FilterChain;\nimport javax.servlet.FilterConfig;\nimport javax.servlet.ServletException;\nimport javax.servlet.ServletRequest;\nimport javax.servlet.ServletResponse;\nimport javax.servlet.http.HttpServletRequest;\nimport javax.servlet.http.HttpServletResponse;\n\npublic class FrameTao implements Filter {\n\n    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {\n        \/\/ Required: cast to the HTTP-specific request and response types\n        HttpServletRequest request = (HttpServletRequest) req;\n        HttpServletResponse response = (HttpServletResponse) res;\n        \/\/ Set the header itself\n        response.setHeader(&quot;x-frame-options&quot;, &quot;SAMEORIGIN&quot;);\n        \/\/ Call the next filter (this is how filters work; leave it unchanged)\n        chain.doFilter(request, response);\n    }\n\n    public void init(FilterConfig config) throws ServletException {\n    }\n\n    public void destroy() {\n    }\n\n}<\/code><\/pre>\n<h6>2. Add the following to the web.xml file:<\/h6>\n<pre><code class=\"language-java\">&lt;!-- Set the frame header to prevent the page from being embedded --&gt;\n&lt;filter&gt;\n    &lt;filter-name&gt;FrameFilter&lt;\/filter-name&gt;\n    &lt;filter-class&gt;filter.FrameTao&lt;\/filter-class&gt;\n&lt;\/filter&gt;\n&lt;filter-mapping&gt;\n    &lt;filter-name&gt;FrameFilter&lt;\/filter-name&gt;\n    
&lt;url-pattern&gt;\/*&lt;\/url-pattern&gt;\n&lt;\/filter-mapping&gt;<\/code><\/pre>\n<p>3. Start the server.<\/p>\n<p>Open Firefox and load any page of this project.<\/p>\n<p>Right-click and choose Inspect Element:<br \/>\n<img src=\"https:\/\/qtvz.com\/wp-content\/uploads\/2020\/04\/20171130124623500.png\" alt=\"undefined\" alt=\"Web Security Vulnerabilities: X-Frame-Options Response Header Configuration, Java materials, image 1\" title=\"Web Security Vulnerabilities: X-Frame-Options Response Header Configuration, Java materials, image 1-Qtvz\" ><\/p>\n<!--wp-compress-html no compression--><!--wp-compress-html-->","protected":false},"excerpt":{"rendered":"Original article: https:\/\/blog.csdn.net\/xp_lx1\/article\/details\/80676630 Configure the HTTP response header: the header name is X-Frame-Options. [Principle] The configurable parameters 
\u00b7\u00b7\u00b7","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[40],"tags":[50],"views":14039,"_links":{"self":[{"href":"https:\/\/qtvz.com\/api\/wp\/v2\/posts\/529"}],"collection":[{"href":"https:\/\/qtvz.com\/api\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qtvz.com\/api\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/comments?post=529"}],"version-history":[{"count":2,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/posts\/529\/revisions"}],"predecessor-version":[{"id":532,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/posts\/529\/revisions\/532"}],"wp:attachment":[{"href":"https:\/\/qtvz.com\/api\/wp\/v2\/media?parent=529"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/categories?post=529"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qtvz.com\/api\/wp\/v2\/tags?post=529"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}