add_header X-Frame-Options SAMEORIGIN;
在nginx的,但是當我除去它仍然;它仍然是我不能在我的網站使用iframe和相同的價值得到了以下錯誤:
Refused to display 'xxx' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
刪除此配置並重新啓動兩個nginx的和PHP-FPM,試圖
add_header X-Frame-Options "ALLOWALL";
Nginx的配置:
server {
server_tokens off;
access_log off;
listen 80 default;
server_name www.example.com *.example.com;
root /var/www/vhosts/example.com;
location/{
index index.html index.php;
try_files $uri $uri/ @handler;
expires 30d;
if (!-e $request_filename) {
rewrite ^/([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last;
}
}
set $ssl "off";
if ($http_x_forwarded_proto = "https") {
set $ssl "on";
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
access_log off;
log_not_found off;
expires 30d;
}
location @handler {
rewrite//index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ {
if (!-e $request_filename) { rewrite//index.php last; }
expires off;
fastcgi_pass unix:/var/run/php-fpm/example.sock;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
fastcgi_buffer_size 1024k;
fastcgi_buffers 512 32k;
fastcgi_busy_buffers_size 1024k;
fastcgi_temp_file_write_size 1024k;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
}
與檢查元件檢查時在頭下面實測值:
X-Frame-Options:ALLOW-FROM https://www.youtube.com/
X-Frame-Options:SAMEORIGIN
所以有X框架選項以某種方式添加,但無法找到它
你的問題是什麼? –
爲什麼即使在從nginx配置中刪除x-frame-options之後,我得到了低於錯誤的錯誤? >拒絕在框架中顯示'xxx',因爲它將'X-Frame-Options'設置爲'SAMEORIGIN'。 – MahmoudMustafa
你應該發佈你的nginx配置 –