更新到 MVC 5 后，iframe 不再有效 [英] After update to MVC 5, iframe no longer works

问题描述

我将我的项目 MVC 版本更新为 5，现在 iFrame 无法加载，我收到此错误:

I updated my project MVC version to 5 and now iFrame does not load, I get this error:

X-Frame-Options 拒绝加载:www.blahblah.com 不允许跨域成帧.

我注意到由于某种原因，现在 X-Frame-Options 标头填充了 SAMEORIGIN，这不允许 iframe 加载来自不同域的页面.这对我来说是一个问题，因为我开发了包含和继承页面.我尝试了 IIS 中的所有方法来更改此标头，但无济于事.

I noticed that for some reason now the X-Frame-Options header has SAMEORIGIN filled which does not allow the iframe to load a page from a different domain. This is a problem for me as I develop both the containing and inheriting page. I tried everything in IIS to change this header to no avail.

有人遇到过这种情况吗?

Anyone encountered this yet?

推荐答案

我终于找到了答案.从 MVC 5 开始，Microsoft 决定默认在其中设置 SAMEORIGIN.我发现关闭此标记的最佳方法是在 Global.asax.cs

I finally found the answer. Starting with MVC 5 Microsoft decided to set SAMEORIGIN in there by default. The best way I found to turn this tag off is by writing the following in the Global.asax.cs

protected void Application_Start()
{
//Bundles and stuff are here
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
}

这篇关于更新到 MVC 5 后，iframe 不再有效的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！