分享程序员开发的那些事...
更新时间:2021-09-09 21:52:43
将您的网址 https://www.***.com/watch?v=TTyFV-qhQtQ 更改为 https://www.***.com/embed/TTyFV-qhQtQ
/embed 具有必需的标头.
它在那里是为了用户安全.防止 clickjacking : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
It is there for user security. Prevents clickjacking : https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
embed 端点旨在更安全地显示在外部网站(不是 ***.com )上.
The embed endpoint is desinged to be safer to show on external websites (not ***.com).
拒绝在框架中显示"https://test.share.com/sites/demo/_layouts/15/",因为它将"X-Frame-Options"设置为"sameorigin".
拒绝在框架中显示"https://www.***.com/watch?v=oKZRsBjQJOs",因为它将"X-Frame-Options"设置为"sameorigin"
拒绝在框架中显示"https://www.google.co.in/",因为它将"X-Frame-Options"设置为"sameorigin".在Office 365中
Firebase Facebook身份验证给出错误拒绝以显示< oauth redirect url>在框架中,因为它将"X-Frame-Options"设置为"sameorigin"