我使用从 GoDaddy 购买并托管在 AWS s3 上的域创建了一个个人网站 ( http://www.soyoungpark.online )。我设置了所有东西并认为一切正常,直到我将一个简单的链接放到我的linkedin个人资料中。当我检查网络面板时,我看到状态代码是 200 OK 但对于响应.. 什么都没有。代码本身似乎没有问题;它很简单,带有所需链接的href。所以我猜我的 AWS s3 设置可能有问题?有类似经历的人吗?
问问题
1319 次
1 回答
1
It's likely that these services include a header option called "X-Frame" that for security prevents them from being loaded within another site:
The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a
<frame>, <iframe> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites. Source: X-Frame-Options
This does look to be the case when attempting to view Linkedin per your example:
Refused to display 'https://www.linkedin.com/in/exampleuser' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
That said, applying a target Attribute to each to open in a new tab or window should allow these outside services to be navigated to.
e.g:
<a href="https://www.linkedin.com/in/exampleuser" target="_blank">
于 2016-09-09T00:00:20.407 回答