Nginx 服务器编辑以允许来自任何站点的 iframe
Nginx server edit to allow iframe from any site
我做了一个curl -I www.site.com,这是结果
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Sep 2015 13:16:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 103555
Connection: keep-alive
Vary: Accept-Encoding
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Set-Cookie: csrftoken=hkixBLlqGGXlt1fGrbfBM3aF3G1Cpxxp; expires=Mon, 19-Sep-2016 13:16:11 GMT; Max-Age=31449600; Path=/
我需要为 X-Frame-Options: 编辑服务器以允许所有。这很微妙,因此我没有在不确定的情况下进行测试。将对此提供一些指导。
中间件中有防止点击劫持的功能,一旦我删除它就可以完美运行。
MIDDLEWARE_CLASSES = (
#'django.middleware.cache.UpdateCacheMiddleware',
#'django.middleware.gzip.GZipMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
#'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.contrib.redirects.middleware.RedirectFallbackMiddleware',
#'django.middleware.cache.FetchFromCacheMiddleware',
'minidetector.Middleware',
'mobileesp.middleware.MobileDetectionMiddleware',
#'django_mobileesp.middleware.UserAgentDetectionMiddleware',
)
我做了一个curl -I www.site.com,这是结果
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Sep 2015 13:16:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 103555
Connection: keep-alive
Vary: Accept-Encoding
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Set-Cookie: csrftoken=hkixBLlqGGXlt1fGrbfBM3aF3G1Cpxxp; expires=Mon, 19-Sep-2016 13:16:11 GMT; Max-Age=31449600; Path=/
我需要为 X-Frame-Options: 编辑服务器以允许所有。这很微妙,因此我没有在不确定的情况下进行测试。将对此提供一些指导。
中间件中有防止点击劫持的功能,一旦我删除它就可以完美运行。
MIDDLEWARE_CLASSES = (
#'django.middleware.cache.UpdateCacheMiddleware',
#'django.middleware.gzip.GZipMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
#'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.contrib.redirects.middleware.RedirectFallbackMiddleware',
#'django.middleware.cache.FetchFromCacheMiddleware',
'minidetector.Middleware',
'mobileesp.middleware.MobileDetectionMiddleware',
#'django_mobileesp.middleware.UserAgentDetectionMiddleware',
)