SharePoint Iframe Error: This content cannot be displayed in a frame

Source: Internet
Author: User
Tags iis

Problem description

Our SharePoint site with Excel service published Excel, need to IFrame to other systems, but the IFRAME found the error "This content cannot be displayed in a frame."

Later, the attempt to iframe other pages in other systems, the same report such errors, but SharePoint own pages, iframe their own page does not complain, IFrame own Excel Services page error, very strange problem.

Screenshot of question

Introduction to the problem

After a long period of search, found to be a security policy caused, in order to prevent "clickjacking attacks", and then in the search for a moment, what this means, it is "Click Hijacked Attack", let's see what is this click Hijacking.

Click Hijacking definition to open a Web page, a flash advertising box, you click the "Close" button, can result in the advertisement did not close, but became full screen, such a situation in the computer security domain called Click Hijacking, that is to say you click the behavior of the mouse to be controlled.

Click Hijack feature Click Hijacking is a malicious attack technology that tracks network users, obtains their private information, or remotely controls their computers by allowing them to click on seemingly normal web pages. Many browsers and operating platforms have such vulnerabilities.

Click Hijacking can be in the form of embedded code or text to complete the attack without the user's knowledge, such as clicking a button on a surface that shows "playing" a video, but actually completing the operation is to change the user's social network personal information to "public" status.

Solution One

The problem is that the HTTP response headers are set x-frame-options, and I think that SharePoint should limit this, causing us to not be able to access the location of the IIS site, but not showing it, and then trying to add the HTTP response headers of the IIS site, Discovery can solve the problem.

1, open IIS, click on the HTTP response headers;

See more highlights of this column: http://www.bianceng.cnhttp://www.bianceng.cn/web/sharepoint/

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.