Spring boot X-Frame-Options 异常 a frame because it set 'X-Frame-Options' to 'deny'

本文转载自查看原文 2020-02-08 17:05 2185 Spring Boot

a frame because it set 'X-Frame-Options' to 'deny'

在spring security配置的位置添加

http.headers().frameOptions().disable();

    protected void configure(HttpSecurity http) throws Exception {
        http.headers().frameOptions().disable();
        http.authorizeRequests()
                .antMatchers("/login", "/logout", "/getVerifyCode", "/validateVerifyCode")
                .permitAll()
                .anyRequest().authenticated()

                .and()
                .formLogin()
                .loginPage("/login")
                .successForwardUrl("/success")
                .failureForwardUrl("/failure")

                .and()
                .logout()
                .logoutUrl("/logout")
                .invalidateHttpSession(true)

                .and()
                .csrf().disable();
    }

免责声明！

本站转载的文章为个人学习借鉴使用，本站对版权不负任何法律责任。如果侵犯了您的隐私权益，请联系本站邮箱yoyou2525@163.com删除。

猜您在找 in a frame because it set 'X-Frame-Options' to 'sameorigin' linux中上传文件出现Refused to display 'http://***' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'. springBoot springSecurty: x-frame-options deny禁止iframe调用 Django开发 X-Frame-Options to deny 报错处理 X-Frame-Options X-frame-Options 设置 CORS & X-Frame-Options （一）安全防护：X-Frame-Options(点击劫持) 低危漏洞- X-Frame-Options Header未配置 X-Frame-Options防止网页放在iframe中