起因 Django 项目,在 html 页面中使用了 frameset 以及 frame 标签。
报错 运行结果:
f12 调试,看到一下报错。
1 2 3 Refused to display 'http://127.0.0.1:8000/top.html' in a frame because it set 'X-Frame-Options' to 'deny'. Refused to display 'http://127.0.0.1:8000/left.html' in a frame because it set 'X-Frame-Options' to 'deny'. Refused to display 'http://127.0.0.1:8000/news.html' in a frame because it set 'X-Frame-Options' to 'deny'.
原因 主要是 Django 将页面通过iframe显示在 app 页面中。而在这个页面中 request header 中多出响应头 X-Frame-Options 值默认为 deny,于是报出如下错误。
解决 针对每个 view 设置 可以设置 view 响应头为 exempt,一共有以下三种:
1 2 3 @xframe_options_deny #不允许在frame中展示 @xframe_options_sameorigin #允许在通域名的frame中展示 @xframe_options_exempt #去掉iframe限制,允许iframe访问某一个views
那么,在 views.py 中对某个 view 指定即可:
views.py 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 @xframe_options_exempt def top (request) : return render(request, 'NetEase/top.html' ) @xframe_options_exempt def left (request) : return render(request, 'NetEase/left.html' ) @xframe_options_exempt def news (request) : limit = 4 article = NetEase.objects paginator = Paginator(article, limit) page_num = request.GET.get('page' , 1 ) page_num = int(page_num) try : loaded = paginator.page(page_num) except ValueError: loaded = paginator.page(1 ) except PageNotAnInteger: loaded = paginator.page(1 ) except EmptyPage: loaded = paginator.page(paginator.num_pages) context = { 'NetEase' : loaded } return render(request, 'NetEase/news.html' , context)
效果:
针对全部页面 在 settings 中设置即可。
settings.py 1 X_FRAME_OPTIONS = 'ALLOWALL url'