Generic solution of 'X-Frame-Options' to &

2019-01-29 00:46发布

问题:

I am trying to open http://teeSpring.com/ in an iframe. It is throwing Refused to display 'http://teespring.com/' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'. error.
I have gone through multiple answers but none of it worked for me. Most of the solutions are specific to google-maps, facebook or youtube video.
Here is my code:

<html>
    <head>
        <base target="_blank" />
        <script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
    </head>
    <body>
        <iframe src="http://teespring.com" name="frame1" style="border: 0; width:20%; height:20%; overflow:auto;">

        </iframe>
    </body>
</html>

I did use target="_blank" but no luck.

Note: Trying to open third party pages. So I have no control over adding header or other meta data.

回答1:

teespring.com is telling your visitors' browsers that they should not display it in a frame.

You have four options:

  • Talk to whomever runs teespring.com and convince them not to do that
  • Just link to them instead of trying to shove them into a frame
  • Don't point your visitors to them at all
  • Proxy their site and point the iframe at your proxy (this may step into copyright infringement territory)