如何使用react应用程序将一个asp.net核心控制器操作视图访问到iframe中? [英] How to access a one of the asp.net core controller action view into an iframe using react application?
问题描述
当iam尝试从react应用程序访问asp.net核心应用程序控制器视图之一时,在iam的浏览器控制台中会出现
When iam trying to access one of the asp.net core application controller view from react application, In the browser console iam getting eror like
'拒绝在框架中显示'http://localhost:1212/Account/Login/?ReturnUrl =%Home%MyIFrame%3url%TestData',因为它将'X-Frame-Options'设置为'sameorigin'.
'
因为我使用 [Authorize]属性
在 startup.cs
文件中包含了
Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory){
app.UseCors(
options => options
.WithOrigins(
"http://localhost:3000",
)
.AllowAnyMethod()
.AllowAnyHeader()
);
}
推荐答案
X-FRAME-OPTIONS
是一个Web标头,可用于允许或拒绝要进行页面修饰的页面.当防止 clickjacking 尝试时,这一点非常重要.
X-FRAME-OPTIONS
is a web header that can be used to allow or deny a page to be iframed. This is very important when protecting against clickjacking attempts.
不建议这样做,但是如果要更改使应用程序被编译,可以尝试在asp.net核心应用程序的 Configure
函数中的config下面添加设置以设置X-Frame-Options
响应标头,例如:
Thought it is not recommended , but if you want to change the make your application be iframed , you can try to add below config in Configure
function of asp.net core application to set X-Frame-Options
response header , for example:
app.Use(async (context, next) =>
{
context.Response.Headers.Add("X-Frame-Options", "AllowAll");
await next();
});
app.UseMvc();
这篇关于如何使用react应用程序将一个asp.net核心控制器操作视图访问到iframe中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!