in a frame because it set 'X-Frame-0ptions' to 'deny'
时间: 2023-09-01 18:12:13 浏览: 52
在上传文件时报错的原因是因为设置了'X-Frame-Options'为'deny'导致无法在frame中加载。这是由于使用了Spring Security,而在Spring Security下,'X-Frame-Options'默认为DENY。解决这个问题的方法是配置http的响应头信息,将'X-Frame-Options'属性设置为'SAMEORIGIN'。这样浏览器就只会加载同源域名下的页面。你可以在代码中添加过滤器的配置,具体配置如下:
@WebFilter(filterName = "FrameFilter", urlPatterns = "/*")
public class FrameTao implements Filter {
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) req;
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("x-frame-options", "SAMEORIGIN");
chain.doFilter(request, response);
}
public void init(FilterConfig config) throws ServletException {
}
public void destroy() {
}
}
通过以上配置,你的文件上传应该就不会再报错了。<span class="em">1</span><span class="em">2</span><span class="em">3</span>
#### 引用[.reference_title]
- *1* *2* [文件上传时报错in a frame because it set 'X-Frame-Options' to 'deny'.](https://blog.csdn.net/flowerStream/article/details/117505971)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"]
- *3* [解决xxx in a frame because it set X-Frame-Options to sameorigin 问题之配置X-Frame-Options头](https://blog.csdn.net/cyjch/article/details/106530814)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v93^chatsearchT3_2"}}] [.reference_item style="max-width: 50%"]
[ .reference_list ]