1、settings配置
# 页面允许被跨域访问
X_FRAME_OPTIONS ='ALLOWALL'
setting里增加代码:
# 跨域增加忽略 start X_FRAME_OPTIONS = 'ALLOWALL' CORS_ALLOW_CREDENTIALS = True CORS_ORIGIN_ALLOW_ALL = True CORS_ORIGIN_WHITELIST = ( '*' ) CORS_ALLOW_METHODS = ( 'DELETE', 'GET', 'OPTIONS', 'PATCH', 'POST', 'PUT', 'VIEW', ) CORS_ALLOW_HEADERS = ( 'XMLHttpRequest', 'X_FILENAME', 'accept-encoding', 'authorization', 'content-type', 'dnt', 'origin', 'user-agent', 'x-csrftoken', 'x-requested-with', 'Pragma', ) # 跨域增加忽略 end
2、python源码改动
C:\Python27\Lib\site-packages\django\middleware\clickjacking.py
3.apache里修改:
1>开启Apache的扩展headers_module,
2>在Apache配置文件的空白行加上一下代码:
Header always append X-Frame-Options SAMEORIGIN
完成以上部分,重启Apache服务即可审查页面出现如下代码表示设置成功