堆栈内存溢出
  简体   繁体   English

如何在不使用iframe的情况下嵌入外部网页?

[英]How to embed an external webpage without using iframe?

 原文  2016-05-02 22:08:11       html/ amazon/ embed

问题描述

I am trying to embed amazon website in a webpage. 我正在尝试将亚马逊网站嵌入网页中。 Something like what is done here: http://en-jo.amazon.shop.cashbasha.com/ 类似于此处执行的操作: http : //en-jo.amazon.shop.cashbasha.com/

I tried to use iframe, but Amazon prevents it from being displayed as a security measure: 我尝试使用iframe,但Amazon阻止将其显示为安全措施: 

<iframe src="http://www.amazon.com/" width="100%" height="100%">
  <p>Your browser does not support iframes.</p>
</iframe>

I get the error: 我得到错误:

Refused to display ' http://www.amazon.com/ ' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'. 拒绝在框架中显示“ http://www.amazon.com/ ”,因为它将“ X-Frame-Options”设置为“ SAMEORIGIN”。

So how did the website above achieve that if Amazon doesn't allow it? 那么,如果亚马逊不允许,上述网站是如何实现的呢?

3 个解决方案

解决方案1
 2  2016-05-02 22:22:49

It appears like the website you are referencing achieved this by entering the pure javascript code and html into their webpage. 好像您所引用的网站通过在其网页中输入纯JavaScript代码和html来实现了这一目标。 Be careful with this site, as it could be a phishing scam. 请谨慎使用此网站,因为它可能是网络钓鱼诈骗。

解决方案2
 2  2016-05-02 22:31:39

I don't think you're going to get much traction with this approach. 我认为您不会通过这种方法获得太大的吸引力。 Browsers are getting very particular about iframes and mixed security levels. 浏览器对iframe和混合安全级别的要求越来越高。 Attempting to find hacks to circumvent this on your client is bound to fail in the long run and puts your users at risk. 从长远来看,试图找到可以避免这种情况发生在您的客户端上的骇客注定会失败,并使您的用户面临风险。

Ref: How Can I Bypass the X-Frame-Options: SAMEORIGIN HTTP Header? 参考: 如何绕过X-Frame-Options:SAMEORIGIN HTTP标头?

Incidentally, I wouldn't (and didn't) click a link formatted like the one you posted. 顺便说一句,我不会(也没有)单击格式与您发布的链接相同的链接。 If I see Amazon in the URL, I expect it to be the base domain. 如果我在URL中看到Amazon,则希望它是基本域。 Otherwise, I assume it was designed to fool a user, so even if a technical solution is found, I don't think you should want to deploy this in practice. 否则,我认为它的目的是欺骗用户,因此,即使找到了技术解决方案,我也不认为您应该在实践中部署它。

解决方案3
 0  2019-01-07 16:13:55

您可以使用X-Frame-Bypass自定义元素,它允许您绕过X-Frame-Options: deny/sameorigin

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在不使用cefpython3的情况下在tkinter中嵌入外部网页 - How to embed an external webpage in tkinter without using cefpython3 在没有iframe / ajax的情况下将外部网页嵌入html - Embed external webpage inside html without iframe/ajax “如何在没有iframe的情况下嵌入外部页面”的问题 - Issues with how to "Embed an External Page Without an Iframe 在没有iframe的情况下嵌入外部页面? - Embed an External Page Without an Iframe? 如何将 iFrame 嵌入外部网站 - How to embed iFrame with external website 如何使用angularjs在网页中嵌入外部文件? - How to embed an external file in a webpage with angularjs? 在不使用iframe的情况下将html页面嵌入到Wordpress中 - embed a html page into Wordpress without using iframe 如何在不破坏浮动布局的情况下嵌入iframe? - How to embed iframe without breaking floated layout? 如何在没有 iframe 的情况下在 javascript 中嵌入网站? - How to embed a website in javascript without an iframe? 嵌入页面没有 iFrame - Embed Page Without iFrame
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM