Google ReCaptcha Uncaught DOMException: Blocked a frame with origin "https://www.google.com"; [英] Google ReCaptcha Uncaught DOMException: Blocked a frame with origin "https://www.google.com"
问题描述
我不确定为什么会发生这种情况,这不是以下常见的常见错误:
I'm not sure why this is happening, and it isn't the usual, common error of:
未捕获的安全错误:阻止具有来源的框架.
我得到的错误是:
未捕获的 DOMException: 阻止了来源为https://www.google.com" 访问跨域框架.
Uncaught DOMException: Blocked a frame with origin "https://www.google.com" from accessing a cross-origin frame.
我正在按照 Google 关于如何启用 ReCaptcha 的说明进行操作,但它对我不起作用!
I'm following Google's instructions on how to enable ReCaptcha, but it isn't working for me!
// top of the page
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
// then somewhere in the bottom
<div class="g-recaptcha" data-sitekey="@Model.Register.CaptchaSiteKey"></div>
我的 CaptchaSiteKey
正在加载(我调试和检查).
My CaptchaSiteKey
is being loaded (I debugged and checked).
推荐答案
同源策略是 Web 应用程序中的一个重要概念安全模型.根据该政策,网络浏览器允许脚本包含在第一个网页中以访问第二个网页中的数据,但仅当两个网页具有相同的来源时.原点定义为URI 方案、主机名和端口号的组合.本政策防止某个页面上的恶意脚本获得访问权限通过该页面的文档对象在另一个网页上的敏感数据模型.
The same-origin policy is an important concept in the web application security model. Under the policy, a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin. An origin is defined as a combination of URI scheme, hostname, and port number. This policy prevents a malicious script on one page from obtaining access to sensitive data on another web page through that page's Document Object Model.
换句话说:recaptcha
是一个远程脚本资源,为了安全问题,您的网络服务器不允许使用外部资源代码.
In other word: recaptcha
is an Remote Script resource, and for security issues, your web server not allowing to use external resources code.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
要允许任何资源访问您的资源,您可以指定:
To allow any resource to access your resource, you can specify:
访问控制允许来源:*
要允许 https://www.google.com 访问您的资源,您可以指定:
To allow https://www.google.com to access your resource, you can specify:
Access-Control-Allow-Origin:https://www.google.com
Access-Control-Allow-Origin: https://www.google.com
这篇关于Google ReCaptcha Uncaught DOMException: Blocked a frame with origin "https://www.google.com";的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!