如何在不使用iframe的情况下嵌入外部网页？ [英] How to embed an external webpage without using iframe?

问题描述

我正在尝试将亚马逊网站嵌入网页中。类似于此处执行的操作：
http://en-jo.amazon.shop .cashbasha.com /

I am trying to embed amazon website in a webpage. Something like what is done here: http://en-jo.amazon.shop.cashbasha.com/

我尝试使用iframe，但Amazon阻止将其显示为安全措施：

I tried to use iframe, but Amazon prevents it from being displayed as a security measure:

<iframe src="http://www.amazon.com/" width="100%" height="100%">
  <p>Your browser does not support iframes.</p>
</iframe>

我收到错误：

拒绝在框架中显示 http://www.amazon.com/ 因为它将
'X-Frame-Options'设置为'SAMEORIGIN'。

Refused to display 'http://www.amazon.com/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.

那么上述网站是如何实现这一目标的如果Amazon不允许这样做？

So how did the website above achieve that if Amazon doesn't allow it?

推荐答案

我认为这种方法不会吸引您很多注意力。浏览器对iframe和混合安全级别的要求越来越高。从长远来看，尝试找到黑客来解决此问题的客户端注定会失败，并使您的用户面临风险。

I don't think you're going to get much traction with this approach. Browsers are getting very particular about iframes and mixed security levels. Attempting to find hacks to circumvent this on your client is bound to fail in the long run and puts your users at risk.

Ref：如何绕过X-Frame-Options：SAMEORIGIN HTTP标头？

顺便说一句，我不会（也没有）单击格式与您发布的链接相同的链接。如果我在URL中看到Amazon，则希望它是基本域。否则，我认为它的目的是欺骗用户，所以即使找到了技术解决方案，我也不认为您应该在实践中部署它。

Incidentally, I wouldn't (and didn't) click a link formatted like the one you posted. If I see Amazon in the URL, I expect it to be the base domain. Otherwise, I assume it was designed to fool a user, so even if a technical solution is found, I don't think you should want to deploy this in practice.

这篇关于如何在不使用iframe的情况下嵌入外部网页？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！