更新时间:2021-09-09 21:52:43
将您的网址 https://www.***.com/watch?v=TTyFV-qhQtQ
更改为 https://www.***.com/embed/TTyFV-qhQtQ
/embed
具有必需的标头.
它在那里是为了用户安全.防止 clickjacking
: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
It is there for user security. Prevents clickjacking
: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
embed
端点旨在更安全地显示在外部网站(不是 ***.com
)上.
The embed
endpoint is desinged to be safer to show on external websites (not ***.com
).
拒绝在框架中显示"https://test.share.com/sites/demo/_layouts/15/",因为它将"X-Frame-Options"设置为"sameorigin".
拒绝在框架中显示"https://www.***.com/watch?v=oKZRsBjQJOs",因为它将"X-Frame-Options"设置为"sameorigin"
拒绝在框架中显示"https://www.google.co.in/",因为它将"X-Frame-Options"设置为"sameorigin".在Office 365中
Firebase Facebook身份验证给出错误拒绝以显示< oauth redirect url>在框架中,因为它将"X-Frame-Options"设置为"sameorigin"