springBoot springSecurty: x-frame-options deny禁止iframe調用

springBoot springSecurty:  x-frame-options deny禁止iframe調用

https://blog.csdn.net/whiteforever/article/details/73201586

 

 

項目中用到iframe嵌入網頁，而後用到springsecurity就被攔截了 瀏覽器報錯  x-frame-options deny 

緣由是由於springSecurty使用X-Frame-Options防止網頁被Frame

 

.headers().frameOptions().disable()

　　

解決辦法把x-frame-options disable便可

 protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin().defaultSuccessUrl("/swagger-ui.html").failureUrl("/login") //登陸成功以後的跳轉
                .permitAll()
                .and()
                .headers().frameOptions().disable()
                .and()
                .logout().logoutSuccessUrl("/login")
                .permitAll();
    }