防止網頁被別人嵌入 iframe x-frame-options 設定
x-frame-options 可防止嶔入有三種模式如下: · DENY Deny all attempts to frame the page · SAMEORIGIN The page can be framed by another page only if it belongs to the same origin as the page being framed · ALLOW-FROM origin Developers can specify a list of trusted origins in the origin attribute. Only pages on origin are permitted to load this page inside an iframe