springBoot springSecurty: x-frame-options deny禁止iframe调用

springBoot springSecurty:  x-frame-options deny禁止iframe调用

https://blog.csdn.net/whiteforever/article/details/73201586

 

 

项目中用到iframe嵌入网页,然后用到springsecurity就被拦截了 浏览器报错  x-frame-options deny 

原因是因为springSecurty使用X-Frame-Options防止网页被Frame

 

.headers().frameOptions().disable()

  

解决办法把x-frame-options disable即可

 protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin().defaultSuccessUrl("/swagger-ui.html").failureUrl("/login") //登录成功之后的跳转
                .permitAll()
                .and()
                .headers().frameOptions().disable()
                .and()
                .logout().logoutSuccessUrl("/login")
                .permitAll();
    }

  

 

posted @ 2018-09-19 16:55  穆晟铭  阅读(11419)  评论(1编辑  收藏  举报