捕捉"X-Frame-Options禁止的显示" [英] Catching "Display forbidden by X-Frame-Options”
问题描述
我知道无法克服此错误.
I understand that this error can not be overcome.
但是我想做的是,当我遇到无法嵌入的页面时,该页面只是作为弹出窗口加载.当前正在发生的事情是,我被重定向到该页面.
But what I would like to do is that when I encounter a page that can't be embed instead the page simply loads as a pop up. What is currently happening is that I am being redirected to the page.
对于无法嵌入的页面,我在chrome中看到以下错误.
I see the following error in chrome for pages that are unable to be embedded.
Refused to display 'http://www.nokia.com/us-en/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'
推荐答案
以下是指向类似答案的链接,该答案提供了PHP脚本来检查标头: 检测X-Frame-Options
Here is a link to a similar answer that provides a PHP script to check the headers: Detect X-Frame-Options
您可以对其进行修改,以使其采用GET变量,例如:
You can modify it so that it takes a GET variable as such:
$error=false;
$urlhere=$_GET["url"];
$ch = curl_init();
$options = array(
CURLOPT_URL => $urlhere,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HEADER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_ENCODING => "",
CURLOPT_AUTOREFERER => true,
CURLOPT_CONNECTTIMEOUT => 120,
CURLOPT_TIMEOUT => 120,
CURLOPT_MAXREDIRS => 10,
);
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch);
$headers=substr($response, 0, $httpCode['header_size']);
if(strpos($headers, 'X-Frame-Options: deny')>-1||strpos($headers, 'X-Frame-Options: SAMEORIGIN')>-1) {
$error=true;
}
$httpcode= curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo json_encode(array('httpcode'=>$httpcode, 'error'=>$error));
然后使用ajax请求测试每个网址
Then use an ajax request to test each url
$.getJSON("/path/to/script.php?url="+url_variable, function (data) {
if (data.error) {
// code to display pop-up
} else {
// code to display iframe
}
});
这篇关于捕捉"X-Frame-Options禁止的显示"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!