aspnetboilerplate:删除x-frame-options标头

问题描述 投票:0回答:1

enter image description here在我的基于aspnetboilerplate的网站中,如何从asp.net核心响应中删除X-Frame-Options: SAMEORIGIN标头。

我尝试了什么1.

        string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
        services.AddCors(options =>
        {
            options.AddPolicy(MyAllowSpecificOrigins,
            builder =>
            {
                builder.WithOrigins("http://www.example.org/",
                                    "https://www.example.org/");
            });
        });

 app.UseCors(MyAllowSpecificOrigins);

  1. 也尝试在启动时添加此内容

    services.AddAntiforgery(x => x.SuppressXFrameOptionsHeader = true);

  2. 添加到web.config <remove name="X-Frame-Options"/>

asp.net-core aspnetboilerplate
1个回答
0
投票

按如下所示初始化abp框架:

        app.UseAbp(options =>
        {
            options.UseSecurityHeaders = false;
        }); // Initializes ABP framework.
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.