CORS & X-Frame-Options CORS , X-Frame-Options, iframe, 外链, Clickjacking
X-Frame-Options
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
服务器端设置 header X-Frame-Options 可以允许或禁止在 frame 中显示页面
https://codepen.io/webgeeker/full/MLLLoY
X-Frame-Options & iframe & CORS
https://github.com/xgqfrms/FEIQA/issues/23
https://stackoverflow.com/questions/6666423/overcoming-display-forbidden-by-x-frame-options
Clickjacking
https://en.wikipedia.org/wiki/Clickjacking
X-Frame-Options middleware
©xgqfrms 2012-2020
xgqfrms