如何使用反向代理绕过 X-Frame-Options: SAMEORIGIN for iframe [英] how to use a reverse proxy to get around X-Frame-Options: SAMEORIGIN for iframe

问题描述

我正在努力解决 X-Frame-Options: SAMEORIGIN 对某些页面的限制，以便我可以将它们放入 iframe.

I am struggling to get around X-Frame-Options: SAMEORIGIN restriction on some pages so I can put them in an iframe.

我知道可以使用反向代理服务器来解决这个问题，但我不确定如何.

I understand that one can use a reverse proxy server to get around that, but I am not sure how.

我需要为一些在 iframe 中有一些外部页面的大厅监视器创建一个触摸屏界面.我这样做是为了将所有内容都打包在同一个 ui 下.所以理想情况下并不是所有的页面都应该使用反向代理.

what I need is to create a touch screen interface for some lobby monitors that would have some external pages in an iframe. I do this to keep everything packed under the same ui. So ideally not all pages should use the reverse proxy.

任何人都可以抛出一些光，最好举个例子吗?

can anyone throw some light, with an example preferably ?

谢谢

推荐答案

下面的 nginx 配置代码可能适合您.它对客户端隐藏了x-frame-options".

This nginx config code below might work for you. It hides the 'x-frame-options' from the client.

server {
  listen 80;
  server_name my-lobby-app.com;

  location / {
    proxy_pass  http://other-site.com
    proxy_set_header Host other-site.com;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_hide_header 'x-frame-options';
  }
}

这篇关于如何使用反向代理绕过 X-Frame-Options: SAMEORIGIN for iframe的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！