Mattermost iframe integration Django app
I have Apache 2.4 and Mattermost 5.2. They are both on the same server. I have configured a virtual host pointing to Mattermost on port 8065. Below is my conf file.
<VirtualHost *:80>
ServerName subdomain.domain.in
#ServerAdmin hostmaster@mydomain.com
ProxyPreserveHost On
# Set web sockets
RewriteEngine On
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* wss://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
<LocationMatch "^/api/v(?<apiversion>[0-9]+)/(?<apiusers>users/)?websocket">
Require all granted
ProxyPass ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverseCookieDomain 127.0.0.1 subdomain.domain.in
</LocationMatch>
<Location />
Require all granted
ProxyPass http://127.0.0.1:8065/
ProxyPassReverse http://127.0.0.1:8065/
ProxyPassReverseCookieDomain 127.0.0.1 subdomain.domain.in
</Location>
</VirtualHost>
I am trying to load an iframe from anothersubdomain.domain.in/mattermost, in a Django application, in the following way:
<iframe src="http://subdomain.domain.in"></iframe>
I am getting:
Refused to display 'http://subdomain.domain.in/' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'"
I do not want to change the Mattermost code. Is there a way to get this done?
After working on this problem for a few days, I found a solution: editing the request headers for Content-Security-Policy and X-Frame-Options. Below is my edited virtual host.
<VirtualHost *:80>
ServerName subdomain.domain.in
#ServerAdmin hostmaster@mydomain.com
ProxyPreserveHost On
# Set web sockets
RewriteEngine On
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* wss://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
Header edit Content-Security-Policy: "frame-ancestors 'self'" "frame-ancestors http://*.domain.in"
Header edit X-Frame-Options "SAMEORIGIN" "allow-from http://*.domain.in"
<LocationMatch "^/api/v(?<apiversion>[0-9]+)/(?<apiusers>users/)?websocket">
Require all granted
ProxyPass ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverse ws://127.0.0.1:8065/api/v%{env:MATCH_APIVERSION}/%{env:MATCH_APIUSERS}websocket
ProxyPassReverseCookieDomain 127.0.0.1 subdomain.domain.in
</LocationMatch>
<Location />
Require all granted
ProxyPass http://127.0.0.1:8065/
ProxyPassReverse http://127.0.0.1:8065/
ProxyPassReverseCookieDomain 127.0.0.1 subdomain.domain.in
</Location>
</VirtualHost>
Here, I edited the headers to allow only the subdomains of my domain.
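The effect of the two `Header edit` lines in the answer above can be checked offline with a small model of how a browser decides whether a page may be framed. This is an added example, not code from the original post or from Mattermost; the function names are assumptions, and only `'self'`, `*` and host sources (with an optional `*.` wildcard) are handled.

```python
from urllib.parse import urlsplit

PORTS = {"http": 80, "https": 443}
# Header values taken from the post: Mattermost's originals, then the edited ones.
BEFORE = {"Content-Security-Policy": "frame-ancestors 'self'", "X-Frame-Options": "SAMEORIGIN"}
AFTER = {"Content-Security-Policy": "frame-ancestors http://*.domain.in",
         "X-Frame-Options": "allow-from http://*.domain.in"}

def origin(url):
    """(scheme, host, port) of a URL, with the scheme's default port filled in."""
    u = urlsplit(url)
    return u.scheme, (u.hostname or "").lower(), u.port or PORTS.get(u.scheme)

def source_matches(source, ancestor, self_url):
    """Match one frame-ancestors source expression against an ancestor URL."""
    if source == "'self'":
        return origin(ancestor) == origin(self_url)
    if source == "*":
        return True
    if "://" not in source:  # bare host: inherits the protected page's scheme
        source = urlsplit(self_url).scheme + "://" + source
    src = urlsplit(source)
    scheme, host, port = origin(ancestor)
    if src.scheme != scheme and not (src.scheme == "http" and scheme == "https"):
        return False  # an http: source also covers https:, but not the reverse
    if src.port is not None and src.port != port:
        return False
    if src.port is None and port != PORTS.get(scheme):
        return False
    pattern = (src.hostname or "").lower()
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])  # subdomains only, never the bare domain
    return host == pattern

def framing_allowed(headers, ancestor, self_url):
    """Decide whether `ancestor` may frame `self_url` given its response headers."""
    for directive in headers.get("Content-Security-Policy", "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            # When frame-ancestors is present, X-Frame-Options is not consulted.
            return any(source_matches(s, ancestor, self_url) for s in tokens[1:])
    xfo = headers.get("X-Frame-Options", "").strip().upper()
    if xfo == "DENY":
        return False
    if xfo == "SAMEORIGIN":
        return origin(ancestor) == origin(self_url)
    return True  # absent or unrecognised (ALLOW-FROM is ignored by current browsers)
```

The decision comes from the `frame-ancestors` value alone, and the wildcard admits every subdomain of domain.in; naming only `http://anothersubdomain.domain.in` there would permit the Django page with a narrower policy.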