利用.htaccess禁止嵌入 iframe
在 .htaccess 檔案內 <meta>標籤內設定不被iframe嵌入
Header set X-Frame-Options DENY
僅允許同樣來源主機
可允許某些特定主機
Header append X-FRAME-OPTIONS ALLOW-FROM https://facebook.com/
reference
https://gist.github.com/jgarciaruiz/68c53352efb028cf4cc0cf8873b3b216
Header set X-Frame-Options DENY
僅允許同樣來源主機
| Header append X-FRAME-OPTIONS "SAMEORIGIN" |
可允許某些特定主機
Header append X-FRAME-OPTIONS ALLOW-FROM https://facebook.com/
reference
https://gist.github.com/jgarciaruiz/68c53352efb028cf4cc0cf8873b3b216
