带有谷歌结果的html框架“SAMEORIGIN”错误 [英] html frameset with google results "SAMEORIGIN" error
问题描述
试图使用ajax来定位div,但它不起作用。因此,现在我尝试使用frameset,如
< frameset border = 0 rows =300,*>
< frame src =search.htmlname =toptarget =bottom>
< frame src =bottom.phpname =bottom>
< / frameset>
search.html有一个表单,输入和提交按钮。我希望看到底部谷歌的结果。
bottom.php低于重定向。
<?php
header('Location:http://www.google.com/scholar');
?>
Nytimes.com,bing.com和其他人都很好。但只有google.com有SAMEORIGIN错误。
最好的解决方案是什么?
正如您已经确定的那样,Google会通过发送
x帧来防止取景-options:SAMEORIGIN
响应标题。因此,除了来自同一网域的网页( google.com
)外,Google网页无法成为网页。 code> X-Frame-Options 响应头是一种安全功能,在现代浏览器中无法绕过。 - MDN -
X-Frame-Options
响应标题
- Google产品论坛(2011) - Google.com是否会突然封锁IFraming?
如果您想在您的网站上执行Google搜索,请查看 Google自定义搜索。
tried to use ajax to target div but it's not working. So now I try to use frameset like
<frameset border=0 rows="300, *">
<frame src="search.html" name="top" target="bottom">
<frame src="bottom.php" name="bottom">
</frameset>
The search.html has a form, input and submit button. I wanted to see the results of google on bottom.
The bottom.php is below to redirect.
<?php
header( 'Location: http://www.google.com/scholar' ) ;
?>
Nytimes.com, bing.com and others are fine. But only google.com has "SAMEORIGIN" errors.
What is the best solution to have it?
Thanks in advance.
As you've identified, Google prevents framing by sending a x-frame-options:SAMEORIGIN
response header. Thus, Google pages cannot be framed except in pages from the same domain (google.com
).
The X-Frame-Options
response header is a security feature which cannot be bypassed in modern browsers.
Reference
- MDN -
X-Frame-Options
response header - Google Product Forums (2011) - Is Google.com blocking IFraming all of a sudden?
If you want to implement Google search in your website, look into Google Custom Search.
这篇关于带有谷歌结果的html框架“SAMEORIGIN”错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!