当你尝试在Spring Boot项目中使用iframe标签时,浏览器会报“in a frame because it set 'X-Frame-Options' to 'deny'.”的错误。解决办法如下:
@EnableWebSecurity
public class WebSecurityConfig extends
WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// ...
.headers()
.frameOptions().sameOrigin()
.httpStrictTransportSecurity().disable();
}
}
参考https://docs.spring.io/spring-security/site/docs/current/reference/html/headers.html
网友评论