Frame 防嵌策略：X-Frame-Options 与 CSP frame-ancestors

YBB 3 阅读 0 评论 0 点赞

概述X-Frame-Options（`DENY`/`SAMEORIGIN`）与 CSP 的 `frame-ancestors` 控制页面可被哪些来源嵌入。建议采用 CSP 方案以获得更灵活的白名单与通配。用法/示例X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' https://trusted.example 工程建议在高风险页面启用严格策略，减少点击劫持风险；与 `COOP/COEP` 协作整体隔离。统一在反向代理或网关下发策略，避免后端差异造成漏洞。定期审计第三方嵌入需求与来源清单，确保策略准确。参考与验证MDN：X-Frame-Options — https://developer.mozilla.org/docs/Web/HTTP/Headers/X-Frame-OptionsMDN：CSP frame-ancestors — https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors

点赞(0) 打赏

本文分类：安全
本文标签：frame防嵌策略 frame options与 spframe an estors
浏览次数：3 次浏览
发布日期：2026-02-12 23:42:27
本文链接：https://www.ybb.press/security/1254.html

上一篇 > Cloudflare PQC 混合 TLS：X25519+ML‑KEM 部署实践
下一篇 > Nginx WAF与ModSecurity规则治理实践

评论列表共有 0 条评论

暂无评论

发表评论取消回复

微信公众账号

微信扫一扫加关注

发表
评论返回
顶部

基本文件流程错误 SQL 调试

/www/wwwroot/yebinbing/public/index.php ( 0.88 KB )
/www/wwwroot/yebinbing/thinkphp/start.php ( 0.72 KB )
/www/wwwroot/yebinbing/thinkphp/base.php ( 2.60 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Loader.php ( 21.07 KB )
/www/wwwroot/yebinbing/vendor/composer/autoload_static.php ( 10.49 KB )
/www/wwwroot/yebinbing/vendor/symfony/deprecation-contracts/function.php ( 0.98 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php80/bootstrap.php ( 1.50 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-mbstring/bootstrap.php ( 8.26 KB )
/www/wwwroot/yebinbing/vendor/ralouphie/getallheaders/src/getallheaders.php ( 1.60 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions_include.php ( 0.16 KB )
/www/wwwroot/yebinbing/vendor/guzzlehttp/guzzle/src/functions.php ( 5.54 KB )
/www/wwwroot/yebinbing/vendor/symfony/polyfill-php73/bootstrap.php ( 0.99 KB )
/www/wwwroot/yebinbing/vendor/ezyang/htmlpurifier/library/HTMLPurifier.composer.php ( 0.10 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-helper/src/helper.php ( 2.88 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/common.php ( 15.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Route.php ( 60.23 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Config.php ( 6.38 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Hook.php ( 4.71 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Support/Helpers.php ( 2.54 KB )
/www/wwwroot/yebinbing/vendor/overtrue/wechat/src/Kernel/Helpers.php ( 1.89 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-captcha/src/helper.php ( 1.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Validate.php ( 42.78 KB )
/www/wwwroot/yebinbing/vendor/topthink/think-queue/src/common.php ( 1.19 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Console.php ( 23.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Error.php ( 3.75 KB )
/www/wwwroot/yebinbing/thinkphp/convention.php ( 10.37 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/App.php ( 21.58 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Request.php ( 49.78 KB )
/www/wwwroot/yebinbing/application/config.php ( 11.96 KB )
/www/wwwroot/yebinbing/application/database.php ( 2.25 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Env.php ( 1.21 KB )
/www/wwwroot/yebinbing/application/extra/addons.php ( 1.20 KB )
/www/wwwroot/yebinbing/application/extra/apibbj.php ( 0.86 KB )
/www/wwwroot/yebinbing/application/extra/queue.php ( 0.55 KB )
/www/wwwroot/yebinbing/application/extra/site.php ( 0.89 KB )
/www/wwwroot/yebinbing/application/extra/upload.php ( 1.05 KB )
/www/wwwroot/yebinbing/application/tags.php ( 1.23 KB )
/www/wwwroot/yebinbing/application/common.php ( 15.57 KB )
/www/wwwroot/yebinbing/thinkphp/helper.php ( 17.30 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Debug.php ( 7.13 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Log.php ( 6.05 KB )
/www/wwwroot/yebinbing/addons/cms/Cms.php ( 6.48 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/Addons.php ( 7.64 KB )
/www/wwwroot/yebinbing/addons/signin/Signin.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cropper/Cropper.php ( 0.65 KB )
/www/wwwroot/yebinbing/addons/nkeditor/Nkeditor.php ( 1.35 KB )
/www/wwwroot/yebinbing/addons/prism/Prism.php ( 2.04 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cache.php ( 6.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/driver/File.php ( 7.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/cache/Driver.php ( 5.98 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/View.php ( 6.77 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/view/driver/Think.php ( 5.64 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Template.php ( 44.92 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/template/driver/File.php ( 2.24 KB )
/www/wwwroot/yebinbing/addons/cms/config.php ( 28.18 KB )
/www/wwwroot/yebinbing/application/common/behavior/Common.php ( 3.02 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Lang.php ( 7.42 KB )
/www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php ( 11.81 KB )
/www/wwwroot/yebinbing/application/route.php ( 1.08 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ( 3.35 KB )
/www/wwwroot/yebinbing/application/common/lang/zh-cn/addon.php ( 6.09 KB )
/www/wwwroot/yebinbing/extend/fast/Form.php ( 39.79 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/config/driver/Ini.php ( 0.83 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Url.php ( 12.72 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Archives.php ( 5.85 KB )
/www/wwwroot/yebinbing/addons/cms/controller/Base.php ( 3.75 KB )
/www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Controller.php ( 7.08 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Controller.php ( 6.07 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/controller/Jump.php ( 4.92 KB )
/www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php ( 5.58 KB )
/www/wwwroot/yebinbing/application/common/library/Auth.php ( 15.50 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Cookie.php ( 8.17 KB )
/www/wwwroot/yebinbing/application/common/model/Config.php ( 6.71 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Model.php ( 69.55 KB )
/www/wwwroot/yebinbing/addons/cms/library/Service.php ( 28.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Db.php ( 6.67 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/connector/Mysql.php ( 3.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Connection.php ( 29.97 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Query.php ( 93.80 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/builder/Mysql.php ( 4.53 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Builder.php ( 31.81 KB )
/www/wwwroot/yebinbing/addons/cms/model/Archives.php ( 22.89 KB )
/www/wwwroot/yebinbing/thinkphp/library/traits/model/SoftDelete.php ( 4.86 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/BelongsTo.php ( 7.75 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/relation/OneToOne.php ( 10.03 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Relation.php ( 3.61 KB )
/www/wwwroot/yebinbing/addons/cms/model/Channel.php ( 19.14 KB )
/www/wwwroot/yebinbing/addons/cms/model/Modelx.php ( 1.97 KB )
/www/wwwroot/yebinbing/addons/cms/model/Fields.php ( 3.46 KB )
/www/wwwroot/yebinbing/addons/cms/model/SpiderLog.php ( 1.75 KB )
/www/wwwroot/yebinbing/addons/cms/model/Tag.php ( 6.98 KB )
/www/wwwroot/yebinbing/addons/cms/model/Autolink.php ( 0.57 KB )
/www/wwwroot/yebinbing/application/common/model/User.php ( 4.22 KB )
/www/wwwroot/yebinbing/runtime/temp/388d6f0b5bff3196cdb77891cfa4196c.php ( 32.66 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Session.php ( 10.86 KB )
/www/wwwroot/yebinbing/extend/fast/Tree.php ( 15.55 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/model/Collection.php ( 2.27 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Collection.php ( 11.10 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/db/Expression.php ( 1.11 KB )
/www/wwwroot/yebinbing/addons/cms/model/Comment.php ( 9.37 KB )
/www/wwwroot/yebinbing/addons/cms/library/Bootstrap.php ( 5.49 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Paginator.php ( 9.94 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/Response.php ( 8.28 KB )
/www/wwwroot/yebinbing/thinkphp/library/think/debug/Html.php ( 4.17 KB )

[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.000102s ]
[ CACHE ] INIT File
[ BEHAVIOR ] Run \addons\cms\Cms @app_init [ RunTime:0.010552s ]
[ BEHAVIOR ] Run Closure @app_init [ RunTime:0.010688s ]
[ BEHAVIOR ] Run app\common\behavior\Common @app_init [ RunTime:0.001622s ]
[ LANG ] /www/wwwroot/yebinbing/thinkphp/lang/zh-cn.php
[ BEHAVIOR ] Run app\common\behavior\Common @app_dispatch [ RunTime:0.000119s ]
[ ROUTE ] array ( 'type' => 'method', 'method' => array ( 0 => '\\think\\addons\\Route', 1 => 'execute', ), 'var' => array ( 'addon' => 'cms', 'controller' => 'archives', 'action' => 'index', ), )
[ HEADER ] array ( 'cf-visitor' => '{"scheme":"https"}', 'cf-ipcountry' => 'US', 'cf-connecting-ip' => '216.73.216.35', 'cdn-loop' => 'cloudflare; loops=1', 'cf-ray' => '9cf085188e871ae0-CMH', 'accept-encoding' => 'gzip, br', 'cookie' => 'PHPSESSID=h2ias1cjd5ll0c0vj0usjri694', 'accept' => '*/*', 'user-agent' => 'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; [email protected])', 'connection' => 'close', 'remote-host' => '104.23.243.8', 'x-forwarded-port' => '80', 'x-forwarded-host' => 'www.ybb.press', 'x-forwarded-proto' => 'http', 'x-forwarded-for' => '216.73.216.35, 104.23.243.8', 'x-real-port' => '10589', 'x-real-ip' => '104.23.243.8', 'host' => 'ybb.ybb.press', 'content-length' => '', 'content-type' => '', )
[ PARAM ] array ( 'catename' => 'recovered-1273', 'id' => '1254', )
[ RUN ] think\addons\Route->execute[ /www/wwwroot/yebinbing/vendor/fastadminnet/fastadmin-addons/src/addons/Route.php ]
[ LANG ] /www/wwwroot/yebinbing/public/../application/common/lang/zh-cn/addon.php
[ BEHAVIOR ] Run app\common\behavior\Common @addon_begin [ RunTime:0.004797s ]
[ LANG ] /www/wwwroot/yebinbing/addons/cms/lang/zh-cn.php
[ DB ] INIT mysql
[ VIEW ] /www/wwwroot/yebinbing/addons/cms/view/default/show_news.html [ array ( 0 => 'config', 1 => 'user', 2 => 'site', 3 => '__CHANNEL__', 4 => 'isWechat', 5 => '__ARCHIVES__', 6 => '__MODEL__', ) ]
[ SESSION ] INIT array ( 'id' => '', 'var_session_id' => '', 'prefix' => 'think', 'type' => '', 'auto_start' => true, )
[ BEHAVIOR ] Run \addons\cms\Cms @view_filter [ RunTime:0.000340s ]

1.953405s

ShowPageTrace