iFrame not loading URL

2019-02-02 08:43发布

问题:

I am using the following simple iFrame code to load Yahoo but it's not loading anyway. in Chrome Inspector I see the URL status as 301 first and then cancel. Any idea why is it happening?

<iframe name="iframe1" src="http://yahoo.com"></iframe>

回答1:

You probably get an error message in the log that reads something like this:

"Refused to display document because display forbidden by X-Frame-Options."

To answer your question:

Yahoo is doing this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

For more info read this: https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header



回答2:

Its also very easy to ask site not to load if you are in an iframe with simple javascript. For example, twitter does this

<script type="text/javascript">
//<![CDATA[
    if (window.top !== window.self) {
        document.write = "";
        window.top.location = window.self.location;
        setTimeout(function () {
            document.body.innerHTML = '';
        }, 1);
        window.self.onload = function (evt) {
            document.body.innerHTML = '';
        }; 
    }
//]]>
</script>

I did not see a console error here and so I guess this is the case here.

The Yahoo! JavaScript is obfuscated but you can see they are definitely removing something at this snippet. (Code taken from yahoo website)

if(self!==self.top){b=function(){if(g.readyState=="complete"){f.remove(g,e,b);


回答3:

actually yahoo , google and such website doesn't allow iframes to their site. They blocks iframes to show their website



回答4:

If the site hosting the webpage forces the use of a secure HTTPS connection, some browsers (chrome for sure) will require that all network resources use HTTPS as well.

The URL in your current iframe is using HTTP src="http://yahoo.com"

Try using HTTPS: src="https://yahoo.com"



标签: html iframe