如何解决可以将加载到IFRAME中的网站访问或告知加载在其他Windows / iframe中的网站cookie等吗?
我们已经建立了Facebook的反向代理。我们在服务器上整理了另一个子域,并使用以下https://www.facebook.com
将其指向web.config
。 (为安全起见,略作编辑。)
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="ReverseProxyInboundRule1" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="https://www.facebook.com/{R:1}" />
<serverVariables>
<set name="HTTP_X_ORIGINAL_ACCEPT_ENCODING" value="{HTTP_ACCEPT_ENCODING}" />
<set name="HTTP_ACCEPT_ENCODING" value="" />
</serverVariables>
</rule>
<rule name="Capture Http Origin Header">
<match url=".*" />
<conditions>
<add input="{HTTP_ORIGIN}" pattern=".+" />
</conditions>
<serverVariables>
<set name="HTTP_X_HTTP_ORIGIN" value="{C:0}" />
</serverVariables>
<action type="None" />
</rule>
</rules>
<outboundRules>
<rule name="ReverseProxyOutboundRule1" preCondition="ResponseIsHtml1">
<match filterByTags="A,Form,Img" pattern="^http(s)?://facebook.com/(.*)" />
<action type="Rewrite" value="http{R:1}://sub.domain.com.au/{R:2}" />
</rule>
<rule name="Rewrite X-Frame-Options" enabled="true" patternSyntax="Wildcard">
<match serverVariable="RESPONSE_X-Frame-Options" pattern="*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" />
</rule>
<rule name="Set-Access-Control-Allow-Origin for known origins" enabled="true">
<match serverVariable="RESPONSE_Access-Control-Allow-Origin" pattern=".+" negate="true" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" value="{HTTP_X_HTTP_ORIGIN}" />
</rule>
<rule name="Restore Accept Encoding" preCondition="Needs to Restore Original Accept Encoding" enabled="true">
<match serverVariable="HTTP_ACCEPT_ENCODING" pattern="^(.*)$" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="true" />
<action type="Rewrite" value="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" />
</rule>
<preConditions>
<preCondition name="ResponseIsHtml1">
<add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/html" />
</preCondition>
<preCondition name="Needs to Restore Original Accept Encoding">
<add input="{HTTP_X_ORIGINAL_ACCEPT_ENCODING}" pattern=".*" />
</preCondition>
</preConditions>
</outboundRules>
</rewrite>
</system.webServer>
</configuration>
现在,我可以在其中包含带有iframe
和src
的HTML文件,其中 lines = [Map1.splitlines(),Map2.splitlines(),Map3.splitlines(),Map4.splitlines(),Map5.splitlines(),Map6.splitlines()]
for l in zip(*lines):
print(*l,sep="")
lines = [Map7.splitlines(),Map8.splitlines(),Map9.splitlines(),Map10.splitlines(),Map11.splitlines(),Map12.splitlines()]
for l in zip(*lines):
print(*l,sep="")
lines = [Map13.splitlines(),Map14.splitlines(),Map15.splitlines(),Map16.splitlines(),Map17.splitlines(),Map18.splitlines()]
for l in zip(*lines):
print(*l,sep="")
lines = [Map19.splitlines(),Map20.splitlines(),Map21.splitlines(),Map22.splitlines(),Map23.splitlines(),Map24.splitlines()]
for l in zip(*lines):
print(*l,sep="")
为“ https://sub.domain.com.au/someFacebookSite”,并在该站点上显示Facebook没有通常的CORS相关通知的iframe。
iframe中的网站未从其他任何浏览器窗口中获取Facebook登录详细信息。我希望那是设计使然。但是,是否有可能在iframe中告知有关当前正在加载Facebook的其他窗口/ iframe的页面,以便iframe-d页面可以加载帐户授权数据?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。