問題描述

我發現這不起作用:

<iframe src="http://www.yahoo.com"> </iframe>

我已閱讀此問題，但我沒有了解添加的含義:

I have read this question, but I don't understand what they mean by add:

<?php
header('X-Frame-Options: GOFORIT'); 
?>

我嘗試將其添加到我的 html 文件的頂部(當然是將其更改為 php 文件)，我的 php 文件變成了:

I tried to add this to the top of my html file(change it to php file, of course), and my php file became:

<?php
header('X-Frame-Options: GOFORIT'); 
?>
<iframe src="http://www.yahoo.com"> </iframe>

我在我的 appserv(使用 php 5.2.6)中運行它，但它不起作用.有人能解釋一下我應該怎么做才能克服這個問題嗎?

I run it in my appserv(with php 5.2.6), and it doesn't work. Could anybody explain what should I do exactly to overcome this?

推薦答案

你運氣不好:yahoo.com 不允許你在 iframe 中嵌入他們的網站.facebook 或其他熱門網站也沒有.

You're out of luck: yahoo.com doesn't allow you to embed their site in an iframe. Nor does facebook or other popular sites.

此限制的原因是點擊劫持.

您可以通過檢查其站點的響應標頭來驗證這一點；他們指定 X-Frame-Options:SAMEORIGIN 這意味著只有 yahoo.com 可以嵌入 yahoo.com 頁面.

You can verify this by checking the response headers from their site; they specify X-Frame-Options:SAMEORIGIN which means only yahoo.com can embed yahoo.com pages.

一些較舊的瀏覽器不會強制執行標頭，但所有新瀏覽器都會.Afaik，沒有簡單的方法可以解決.

Some older browsers won't enforce the header but all new ones will. Afaik, there's no simple way around it.

我能想到的唯一解決方案是實現代理腳本，即您嵌入一個腳本，該腳本位于您的服務器上，為您獲取遠程內容.

The only solution I can think of is implementing a proxy script, i.e. you embed a script that lives on your server that fetches the remote content for you.

例如.您的 iframe 調用/my-proxy.php?url=http://www.yahoo.com/"，該腳本看起來喜歡:

Eg. your iframe calls "/my-proxy.php?url=http://www.yahoo.com/" and that script would look like:

<?php

header('X-Frame-Options: SAMEORIGIN'); // don't allow other sites to use my proxy
echo file_get_contents($_GET['url']);

您的里程可能會有所不同...

Your mileage may vary...

這篇關于為什么 iframe 對 yahoo.com 不起作用的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！