Why an iframe doesn't work for yahoo.com

Updated: 2023-11-12 09:42:16

You're out of luck: yahoo.com doesn't allow you to embed their site in an iframe. Nor do Facebook or other popular sites.

The reason for this restriction is clickjacking.

You can verify this by checking the response headers from their site; they specify X-Frame-Options: SAMEORIGIN, which means only yahoo.com can embed yahoo.com pages.

Some older browsers won't enforce the header, but all new ones will. AFAIK, there's no simple way around it.

The only solution I can think of is implementing a proxy script, i.e. you embed a script that lives on your server that fetches the remote content for you.

E.g. your iframe calls "/my-proxy.php?url=http://www.yahoo.com/" and that script would look like:

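<?php
// Fetch only http(s) URLs on an allow-list: an unchecked url lets callers read local files or reach internal hosts.
$url = is_string($_GET['url'] ?? null) ? $_GET['url'] : '';
$ok = preg_match('#^https?://#i', $url) && in_array(parse_url($url, PHP_URL_HOST), ['www.yahoo.com'], true);
if (!$ok) { http_response_code(400); exit; }

header('X-Frame-Options: SAMEORIGIN'); // don't allow other sites to use my proxy
echo file_get_contents($url);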

Your mileage may vary...
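
The header check described in this answer, as an added example that is not part of the original answer: a JavaScript function that decides whether a response's headers let a given origin frame the page. It goes beyond the answer by also handling the CSP `frame-ancestors` directive, which browsers honour in preference to X-Frame-Options; the function names, example.org and the sample headers are constructed for illustration.

```javascript
// Added example, not from the original answer. Sample headers are constructed.
// Assumes CSP sources are written with an explicit scheme (https://host).
function sourceMatches(source, embedder, self) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return embedder === self;
  if (s === "*") return true;
  if (s.includes("://*.")) { // wildcard host, e.g. https://*.example.org
    const [scheme, suffix] = s.split("://*");
    return embedder.startsWith(scheme + "://") && embedder.endsWith(suffix);
  }
  return embedder === s; // exact origin, e.g. https://example.org
}

// Returns true if a page at embedderUrl may directly frame pageUrl.
// Browsers check every ancestor frame; this models a single embedding level.
function canBeFramed(pageUrl, headers, embedderUrl) {
  const self = new URL(pageUrl).origin;
  const embedder = new URL(embedderUrl).origin;
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = v;

  // A frame-ancestors directive, when present, replaces X-Frame-Options.
  const directive = (h["content-security-policy"] || "")
    .split(";")
    .map((d) => d.trim().split(/\s+/))
    .find((parts) => parts[0].toLowerCase() === "frame-ancestors");
  if (directive) {
    return directive.slice(1).some((s) => sourceMatches(s, embedder, self));
  }

  const xfo = (h["x-frame-options"] || "").trim().toUpperCase();
  if (xfo === "DENY") return false;
  if (xfo === "SAMEORIGIN") return embedder === self;
  return true; // no recognised restriction: framing is allowed
}

const sample = { "X-Frame-Options": "SAMEORIGIN" }; // constructed sample headers
console.log(canBeFramed("https://www.yahoo.com/", sample, "https://example.org/"));
console.log(canBeFramed("https://www.yahoo.com/", sample, "https://www.yahoo.com/news"));
```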