javascript iframe 中的 HTTP 重定向而不是父窗口中的重定向
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21350354/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
HTTP redirect in iframe instead of redirecting in the parent window
提问by Bourne
I am working on a web application. In this web application I have to load a web page from a different servers(Eg: www.xyz.com) in an iframe. But sometimes when I try to load the web page from some different server in the iframe the server responds with HTTP status code 302 (stands for redirect) with the redirect link in the Location header field. When this happens the main window(my web app) is redirected instead of redirection happening only in the iframe. How can I ensure that the redirection happens only in the iframe instead of the main window?
我正在开发一个 Web 应用程序。在此 Web 应用程序中,我必须从 iframe 中的不同服务器(例如:www.xyz.com)加载网页。但有时当我尝试从 iframe 中的某个不同服务器加载网页时,服务器会以 HTTP 状态代码 302(代表重定向)与位置标头字段中的重定向链接进行响应。发生这种情况时,将重定向主窗口(我的 Web 应用程序),而不是仅在 iframe 中发生重定向。如何确保重定向仅发生在 iframe 而不是主窗口?
回答by adigioia
Use sandbox="..."
使用沙箱="..."
- allow-forms allows form submission
- allow-popups allows popups
- allow-pointer-lock allows pointer lock
- allow-same-origin allows the document to maintain its origin
- allow-scripts allows JavaScript execution, and also allows features to trigger automatically
- allow-top-navigation allows the document to break out of the frame by navigating the top-level window
- allow-forms 允许表单提交
- allow-popups 允许弹出窗口
- allow-pointer-lock 允许指针锁定
- allow-same-origin 允许文档保持其来源
- allow-scripts 允许 JavaScript 执行,也允许功能自动触发
- allow-top-navigation 允许文档通过导航顶层窗口跳出框架
Top navigation is what you want to prevent, so leave that out and it will not be allowed. Anything left out will be blocked
顶部导航是您想要阻止的,因此将其排除在外,它将不被允许。任何遗漏将被阻止
ex.
前任。
<iframe sandbox="allow-same-origin allow-scripts allow-popups allow-forms" src="http://www.example.com"</iframe>
回答by romaricdrigon
The issue is not about your redirection, but about what happens before: I suppose the user is submitting a form, through POST, and the webserver replies a 302 redirection as per best practice.
问题不在于您的重定向,而在于之前发生的事情:我想用户正在通过 提交表单POST,并且网络服务器根据最佳实践回复 302 重定向。
If a <form>has an actionattribute pointing to another page, its answer will redirect the topiframe. I couldn't find any reference document stating that behavior, but that's how it works in current browsers.
如果 a<form>具有action指向另一个页面的属性,则其答案将重定向顶部iframe。我找不到任何说明该行为的参考文档,但这就是它在当前浏览器中的工作方式。
The solution is to set the targetattribute to _self:
解决方案是将target属性设置为_self:
<iframe>
...
<form action="http..." target="_self" >
...
</iframe>
The sandboxattribute won't help here, you likely want to omit the attribute or to set allow-forms allow-navigationat least.
该sandbox属性在这里无济于事,您可能希望省略该属性或allow-forms allow-navigation至少设置。
回答by Harris Phan
It works for me when I set target="iframe_name".
当我设置 target="iframe_name" 时它对我有用。
