springBoot springSecurty: x-frame-options deny禁止iframe调用
https://blog.csdn.net/whiteforever/article/details/73201586
项目中用到iframe嵌入网页,然后用到springsecurity就被拦截了 浏览器报错 x-frame-options deny
原因是因为springSecurty使用X-Frame-Options防止网页被Frame
1
.headers().frameOptions().disable()
解决办法把x-frame-options disable即可
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setTargetUrlParameter("redirectTo");
http.headers().frameOptions().disable();
http.authorizeRequests()
.antMatchers(adminContextPath + "/assets/**").permitAll()
.antMatchers(adminContextPath + "/actuator/**").permitAll()
.antMatchers(adminContextPath + "/login").permitAll()
.anyRequest().authenticated()
.and()
.formLogin().loginPage(adminContextPath + "/login")
.successHandler(successHandler).and()
.logout().logoutUrl(adminContextPath + "/logout")
.and()
.httpBasic().and()
.csrf().disable();
//@formatter:on
}