服务器设置X-Frame-Options Header响应头(Tomcat,服务器,项目)

解决方案(修改tomcat配置文件)
打开Tomcat配置文件(conf\web.xml)搜索 httpHeaderSecurity有两处地方

<!--第一处将注释放开-->
   <filter>
        <filter-name>httpHeaderSecurity</filter-name>
            <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        <async-supported>true</async-supported>
<!--新增内容-->
        <init-param>
            <param-name>antiClickJackingEnabled</param-name>
            <param-value>true</param-value>
        </init-param>
        <init-param>
            <param-name>antiClickJackingOption</param-name>
            <param-value>SAMEORIGIN</param-value>
        </init-param>
    </filter>
<!--第二处-->
    <filter-mapping>
        <filter-name>httpHeaderSecurity</filter-name>
        <url-pattern>/*</url-pattern>
        <dispatcher>REQUEST</dispatcher>
    </filter-mapping>
posted @ 2021-04-27 10:21  哈喽哈喽111111  阅读(2426)  评论(0编辑  收藏  举报