iframe沙盒使用'allow-same-origin'标志错误 [英] Iframe sandboxing with 'allow-same-origin' flag error
问题描述
有人可以提供有关此错误的更多信息以及'allow-same-origin'标志的工作原理吗?我在Chrome浏览器中收到以下iframe沙盒错误:
Can someone please provide me more information on this error and how 'allow-same-origin' flag works? I am getting following error in Chrome for iframe Sandboxing:
Uncaught SecurityError:无法从'HTMLIFrameElement'读取'contentDocument'属性:Sandbox访问冲突:阻止 http://192.168.0.169 的框架访问 http://192.168.0.169 。正在访问的框架是沙盒,缺少允许同源标记。
Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Sandbox access violation: Blocked a frame at "http://192.168.0.169" from accessing a frame at "http://192.168.0.169". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.
我很困惑,为什么我需要当192.168.0.169的帧从同一个IP地址访问另一个帧时,'allow-same-origin'标志。
非常感谢。
I am little confused as why I would need 'allow-same-origin' flag when frame from 192.168.0.169 is accessing another frame from same ip address. Thank you very much.
推荐答案
你的iframe中可能有一个sandbox属性:
You probably have a sandbox attribute in your iframe:
沙箱属性为iframe中的内容启用了一组额外的限制,它是已启用权限的白名单,
The sandbox attribute enables an extra set of restrictions for the content in the iframe, and it is a whitelist of enabled permissions,
所以您可以删除该属性,也可以编辑它以适合您需要的权限。
so You could either remove the attribute, or edit it to fit the permissions You need.
可以在此处找到可选权限: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
optional permissions could be found here: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
以及更多信息: http://www.html5rocks.com/en/tutorials/security/sandboxed-iframes/
这篇关于iframe沙盒使用'allow-same-origin'标志错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
