- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
我有一个标准的 Rails 5.2.2
应用程序。
在我的一个页面上,我有一个 iFrame。当我从 iFrame 中点击一个在新选项卡中打开我的网站的链接时,如下所示:
<iframe src="/page.html" sandbox="allow-scripts allow-forms allow-top-navigation allow-popups">
<a href="http://0.0.0.0:3005/" target="_blank">Visit the frontpage</a>
</iframe>
Started GET "/" for 127.0.0.1 at 2019-11-11 13:10:09 +0100
Processing by StaticPagesController#index as HTML
Completed 200 OK in 408ms (Views: 405.0ms)
Started OPTIONS "/somewhere" for 127.0.0.1 at 2019-11-11 13:10:11 +0100
ActionController::RoutingError (No route matches [OPTIONS] "/somewhere"):
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:65:in `call'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:135:in `call_app'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:30:in `block in call'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:20:in `catch'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:20:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:38:in `call_app'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:26:in `block in call'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:71:in `block in tagged'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:28:in `tagged'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:71:in `tagged'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:26:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/request_id.rb:27:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/method_override.rb:22:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/runtime.rb:22:in `call'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/executor.rb:14:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/static.rb:127:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/sendfile.rb:111:in `call'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/engine.rb:524:in `call'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/configuration.rb:225:in `call'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:658:in `handle_request'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:472:in `process_client'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:332:in `block in run'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/thread_pool.rb:133:in `block in spawn_thread'
Started GET "/" for 127.0.0.1 at 2019-11-11 13:10:12 +0100
Processing by StaticPagesController#index as HTML
Completed 200 OK in 394ms (Views: 390.3ms)
match "/somewhere", to: "somewhere#somewhere", via: [:options]
Started OPTIONS "/somewhere" for 127.0.0.1 at 2019-11-11 13:41:18 +0100
Processing by SomewhereController#somewhere as */*
Completed 200 OK in 625ms (Views: 602.3ms)
Started GET "/" for 127.0.0.1 at 2019-11-11 13:41:19 +0100
Processing by StaticPagesController#index as HTML
Completed 200 OK in 413ms (Views: 409.8ms)
Started OPTIONS "/somewhere" for 127.0.0.1 at 2019-11-11 13:33:31 +0100
Processing by SomewhereController#somewhere as */*
Completed 422 Unprocessable Entity in 1ms
ActionController::InvalidAuthenticityToken (The browser returned a 'null' origin for a request with origin-based forgery protection turned on. This usually
means you have the 'no-referrer' Referrer-Policy header enabled, or that the request came from a site that
refused to give its origin. This makes it impossible for Rails to verify the source of the requests. Likely the
best solution is to change your referrer policy to something less strict like same-origin or strict-same-origin.
If you cannot change the referrer policy, you can disable origin checking with the
Rails.application.config.action_controller.forgery_protection_origin_check setting.
):
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/request_forgery_protection.rb:433:in `valid_request_origin?'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/request_forgery_protection.rb:291:in `verified_request?'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/request_forgery_protection.rb:230:in `verify_authenticity_token'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:426:in `block in make_lambda'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:179:in `block (2 levels) in halting_and_conditional'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in <module:Callbacks>'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:180:in `block in halting_and_conditional'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:513:in `block in invoke_before'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:513:in `each'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:513:in `invoke_before'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:131:in `run_callbacks'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/abstract_controller/callbacks.rb:41:in `process_action'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/rescue.rb:22:in `process_action'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/instrumentation.rb:34:in `block in process_action'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/notifications.rb:168:in `block in instrument'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/notifications/instrumenter.rb:23:in `instrument'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/notifications.rb:168:in `instrument'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/instrumentation.rb:32:in `process_action'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal/params_wrapper.rb:256:in `process_action'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/abstract_controller/base.rb:134:in `process'
.gems/ruby/2.4.0/gems/actionview-5.2.2/lib/action_view/rendering.rb:32:in `process'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal.rb:191:in `dispatch'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_controller/metal.rb:252:in `dispatch'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/routing/route_set.rb:52:in `dispatch'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/routing/route_set.rb:34:in `serve'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/journey/router.rb:52:in `block in serve'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/journey/router.rb:35:in `each'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/journey/router.rb:35:in `serve'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/routing/route_set.rb:840:in `call'
.gems/ruby/2.4.0/gems/warden-1.2.8/lib/warden/manager.rb:36:in `block in call'
.gems/ruby/2.4.0/gems/warden-1.2.8/lib/warden/manager.rb:34:in `catch'
.gems/ruby/2.4.0/gems/warden-1.2.8/lib/warden/manager.rb:34:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/tempfile_reaper.rb:15:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/etag.rb:25:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/conditional_get.rb:38:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/head.rb:12:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/http/content_security_policy.rb:18:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/session/abstract/id.rb:232:in `context'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/session/abstract/id.rb:226:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/cookies.rb:670:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/callbacks.rb:98:in `run_callbacks'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/callbacks.rb:26:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/executor.rb:14:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/debug_exceptions.rb:61:in `call'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:135:in `call_app'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:30:in `block in call'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:20:in `catch'
.gems/ruby/2.4.0/gems/web-console-3.7.0/lib/web_console/middleware.rb:20:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:38:in `call_app'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:26:in `block in call'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:71:in `block in tagged'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:28:in `tagged'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/tagged_logging.rb:71:in `tagged'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/rack/logger.rb:26:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/request_id.rb:27:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/method_override.rb:22:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/runtime.rb:22:in `call'
.gems/ruby/2.4.0/gems/activesupport-5.2.2/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/executor.rb:14:in `call'
.gems/ruby/2.4.0/gems/actionpack-5.2.2/lib/action_dispatch/middleware/static.rb:127:in `call'
.gems/ruby/2.4.0/gems/rack-2.0.6/lib/rack/sendfile.rb:111:in `call'
.gems/ruby/2.4.0/gems/railties-5.2.2/lib/rails/engine.rb:524:in `call'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/configuration.rb:225:in `call'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:658:in `handle_request'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:472:in `process_client'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/server.rb:332:in `block in run'
.gems/ruby/2.4.0/gems/puma-3.12.0/lib/puma/thread_pool.rb:133:in `block in spawn_thread'
Started GET "/" for 127.0.0.1 at 2019-11-11 13:33:31 +0100
Processing by StaticPagesController#index as HTML
Completed 200 OK in 681ms (Views: 677.9ms)
Rails.application.configure do
config.action_controller.forgery_protection_origin_check = false
end
action_dispatch.default_headers
到各种值,没有任何运气:
config.action_dispatch.default_headers = {
'Referrer-Policy' => 'no-referrer'
}
最佳答案
您可以提及 * or the host name with the post
为 'Access-Control-Allow-Origin'
在服务中避免 CORS 问题并获取身份验证 token :
# in config/application.rb
config.action_dispatch.default_headers = {
'Access-Control-Allow-Origin' => 'http://my-web-service-consumer-site.com',
'Access-Control-Request-Method' => %w{GET POST OPTIONS}.join(",")
}
关于ruby-on-rails - 如果以 'null' 作为原点请求页面,则链接不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58802469/
今天有小伙伴给我留言问到,try{...}catch(){...}是什么意思?它用来干什么? 简单的说 他们是用来捕获异常的 下面我们通过一个例子来详细讲解下
我正在努力提高网站的可访问性,但我不知道如何在页脚中标记社交媒体链接列表。这些链接指向我在 facecook、twitter 等上的帐户。我不想用 role="navigation" 标记这些链接,因
说现在是 6 点,我有一个 Timer 并在 10 点安排了一个 TimerTask。之后,System DateTime 被其他服务(例如 ntp)调整为 9 点钟。我仍然希望我的 TimerTas
就目前而言,这个问题不适合我们的问答形式。我们希望答案得到事实、引用资料或专业知识的支持,但这个问题可能会引发辩论、争论、投票或扩展讨论。如果您觉得这个问题可以改进并可能重新打开,visit the
我就废话不多说了,大家还是直接看代码吧~ ? 1
Maven系列1 1.什么是Maven? Maven是一个项目管理工具,它包含了一个对象模型。一组标准集合,一个依赖管理系统。和用来运行定义在生命周期阶段中插件目标和逻辑。 核心功能 Mav
我是一名优秀的程序员,十分优秀!