如何解决iframe跨域问题 [英] how to resolve iframe cross domain issue
问题描述
我正在制作必须显示另一个域名网页的网页。
I'm making web page that has to show another domain's web page.
例如,在我的网页html中,有两个 < div> 标签。
For example, in my web html, there are two <div> tags.
赞:
<html>
<head></head>
<body>
<div>
<p> hello world </p>
</div>
<div>
<!-- other domain's web page comes here -->
</div>
</body>
</html>
要解决我的问题,我应该使用< iframe> ,< embed> 或< object> 标签,但这会导致交叉域名问题。所以,我不能用它来显示其他域名的网页。他们不允许我使用它。
To resolve my issue, I should use <iframe>, <embed> or <object> tags, but this causes the cross domain problem. So, I can't use it to show other domain's web page. They doesn't allow me to use it.
所以,例如:
<iframe src="http://stackoverflow.com"></iframe>
它不起作用。我的网页无法显示 stackoverflow.com 。因为, stackoverflow 否认了这一点。
It doesn't work. My web page can't show stackoverflow.com. Because, stackoverflow denies this.
我已经搜索了很多这些问题。但它们只是 ajax 或 JSONP 。它不是 iframe 。
I have searched lots of things with these issues. But they are just ajax or JSONP. It was not iframe.
是否有解决方案来解决我的问题?或者是不可能实现这个?
Are there solutions to resolve my problem?? Or is it impossible to implement this?
推荐答案
您需要控制要嵌入的域以删除/修改其CORS策略。域名已经明确地阻止了跨域请求,你无能为力。
You need control over the domain you want to embed to remove/amend its CORS policy. It the domain has explicitely blocked Cross-Origin requests, there's nothing you can do about it.
这用于避免任何人劫持你想要的任何网站(你可能有一个全屏谷歌在iframe中运行,你的广告在bestgoogle.com上运行,就像那样)。
This is used to avoid anyone hijacking any site you want (you could have a full screen Google in an iframe running with your ads on top on bettergoogle.com, things like that).
这篇关于如何解决iframe跨域问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
