如何使用react应用程序将一个asp.net核心控制器操作视图访问到iframe中? [英] How to access a one of the asp.net core controller action view into an iframe using react application?

问题描述

当iam尝试从react应用程序访问asp.net核心应用程序控制器视图之一时，在iam的浏览器控制台中会出现

When iam trying to access one of the asp.net core application controller view from react application, In the browser console iam getting eror like

'拒绝在框架中显示'http://localhost:1212/Account/Login/?ReturnUrl =％Home％MyIFrame％3url％TestData'，因为它将'X-Frame-Options'设置为'sameorigin'.'

因为我使用 [Authorize]属性

在 startup.cs 文件中包含了

Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory){
app.UseCors(
                options => options
                   .WithOrigins(
                     "http://localhost:3000",
                 )
                   .AllowAnyMethod()
                   .AllowAnyHeader()
                );
} 

推荐答案

X-FRAME-OPTIONS 是一个Web标头，可用于允许或拒绝要进行页面修饰的页面.当防止 clickjacking 尝试时，这一点非常重要.

X-FRAME-OPTIONS is a web header that can be used to allow or deny a page to be iframed. This is very important when protecting against clickjacking attempts.

不建议这样做，但是如果要更改使应用程序被编译，可以尝试在asp.net核心应用程序的 Configure 函数中的config下面添加设置以设置X-Frame-Options 响应标头，例如:

Thought it is not recommended , but if you want to change the make your application be iframed , you can try to add below config in Configure function of asp.net core application to set X-Frame-Options response header , for example:

app.Use(async (context, next) =>
{
    context.Response.Headers.Add("X-Frame-Options", "AllowAll");
    await next();
});
app.UseMvc();

这篇关于如何使用react应用程序将一个asp.net核心控制器操作视图访问到iframe中?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！