更新到 MVC 5 后,iframe 不再有效 [英] After update to MVC 5, iframe no longer works
问题描述
我将我的项目 MVC 版本更新为 5,现在 iFrame 无法加载,我收到此错误:
I updated my project MVC version to 5 and now iFrame does not load, I get this error:
X-Frame-Options 拒绝加载:www.blahblah.com 不允许跨域成帧.
我注意到由于某种原因,现在 X-Frame-Options 标头填充了 SAMEORIGIN,这不允许 iframe 加载来自不同域的页面.这对我来说是一个问题,因为我开发了包含和继承页面.我尝试了 IIS 中的所有方法来更改此标头,但无济于事.
I noticed that for some reason now the X-Frame-Options header has SAMEORIGIN filled which does not allow the iframe to load a page from a different domain. This is a problem for me as I develop both the containing and inheriting page. I tried everything in IIS to change this header to no avail.
有人遇到过这种情况吗?
Anyone encountered this yet?
推荐答案
我终于找到了答案.从 MVC 5 开始,Microsoft 决定默认在其中设置 SAMEORIGIN.我发现关闭此标记的最佳方法是在 Global.asax.cs
I finally found the answer. Starting with MVC 5 Microsoft decided to set SAMEORIGIN in there by default. The best way I found to turn this tag off is by writing the following in the Global.asax.cs
protected void Application_Start()
{
//Bundles and stuff are here
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
}
这篇关于更新到 MVC 5 后,iframe 不再有效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!