为什么 iframe 被认为是危险的和安全风险? [英] Why are iframes considered dangerous and a security risk?

问题描述

为什么 iframe 被视为危险和安全风险?有人可以描述一个可以被恶意使用的案例吗?

Why are iframes considered dangerous and a security risk? Can someone describe an example of a case where it can be used maliciously?

推荐答案

一旦您显示来自另一个域的内容，您基本上就相信该域不会提供恶意软件.

As soon as you're displaying content from another domain, you're basically trusting that domain not to serve-up malware.

iframe 本身没有任何问题.如果你控制 iframe 的内容，它们是完全安全的.

There's nothing wrong with iframes per se. If you control the content of the iframe, they're perfectly safe.

这篇关于为什么 iframe 被认为是危险的和安全风险?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！