Html iFrame 未加载 URL
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10268226/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
iFrame not loading URL
提问by Volatil3
I am using the following simple iFrame code to load Yahoo but it's not loading anyway. in Chrome Inspector I see the URL status as 301 first and then cancel. Any idea why is it happening?
我正在使用以下简单的 iFrame 代码加载 Yahoo,但无论如何它都没有加载。在 Chrome Inspector 中,我首先看到 URL 状态为 301,然后取消。知道为什么会这样吗?
<iframe name="iframe1" src="http://yahoo.com"></iframe>
回答by iambriansreed
You probably get an error message in the log that reads something like this:
您可能会在日志中收到一条错误消息,内容如下:
"Refused to display document because display forbidden by X-Frame-Options."
"Refused to display document because display forbidden by X-Frame-Options."
To answer your question:
回答你的问题:
Yahoo is doing this to avoid clickHymaning attacks, by ensuring that their content is not embedded into other sites.
雅虎这样做是为了 avoid clickHymaning attacks, by ensuring that their content is not embedded into other sites.
For more info read this: https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
有关更多信息,请阅读:https: //developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
回答by naveen
Its also very easy to ask site not to load if you are in an iframe with simple javascript. For example, twitter does this
如果您在使用简单的 javascript 的 iframe 中,那么要求网站不要加载也很容易。例如,推特就是这样做的
<script type="text/javascript">
//<![CDATA[
if (window.top !== window.self) {
document.write = "";
window.top.location = window.self.location;
setTimeout(function () {
document.body.innerHTML = '';
}, 1);
window.self.onload = function (evt) {
document.body.innerHTML = '';
};
}
//]]>
</script>
I did not see a console error here and so I guess this is the case here.
我在这里没有看到控制台错误,所以我想这里就是这种情况。
The Yahoo! JavaScript is obfuscated but you can see they are definitely removing something at this snippet. (Code taken from yahoo website)
雅虎!JavaScript 被混淆了,但您可以看到他们肯定会删除此代码段中的某些内容。(代码取自雅虎网站)
if(self!==self.top){b=function(){if(g.readyState=="complete"){f.remove(g,e,b);
回答by gokul
actually yahoo , google and such website doesn't allow iframes to their site. They blocks iframes to show their website
实际上雅虎、谷歌和这样的网站不允许 iframe 进入他们的网站。他们阻止 iframe 显示他们的网站
回答by James Wierzba
If the site hosting the webpage forces the use of a secure HTTPSconnection, some browsers (chrome for sure) will require that all network resources use HTTPSas well.
如果托管网页的站点强制使用安全HTTPS连接,则某些浏览器(当然是 chrome)将要求所有网络资源也使用HTTPS。
The URL in your current iframe is using HTTP src="http://yahoo.com"
您当前 iframe 中的 URL 正在使用 HTTP src="http://yahoo.com"
Try using HTTPS: src="https://yahoo.com"
尝试使用 HTTPS: src="https://yahoo.com"
回答by eel ghEEz
My latest Firefox silently refused to load an unencrypted iframe when the parent was unencrypted. It showed no console messages about an attempt to load the child or any reason to not try doing so.
当父项未加密时,我最新的 Firefox 默默地拒绝加载未加密的 iframe。它没有显示有关尝试加载子项或任何不尝试这样做的原因的控制台消息。
