java 取消iframe,如何禁止从一个iframe网站访问?

I've noticed a few websites deny access from iFrames to their registration and login pages for security reasons. It's a good idea in my opinion.

I'm wondering what settings they need in order to do this as I would like to do the same on my website. The website in question is built in Java and runs on Apache Tomcat.

If anyone knows how this is done it would be great if you could share.

解决方案

well, you should use the x-frame-options.

read this article, hope it helps:

I'm not familiar with jsp and servlets, but i think you could do something like this:

public class NoIFrameAllowedServlet extends HttpServlet {

public void doGet(HttpServletRequest request,

HttpServletResponse response)

throws ServletException, IOException {

response.setHeader("X-Frame-Options", "SAMEORIGIN");

}

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值