将cep wso2嵌入框架

时间:2018-06-20 07:48:44

标签: iframe wso2 complex-event-processing

我想将wso2的cep(复杂事件处理器)嵌入到iframe中,我已经更改了文件:

存储库/ conf / tomcat / carbon / WEB-INF / web.xml 

  <filter>
         <filter-name> HttpHeaderSecurityFilter </ filter-name>
         <filter-class> org.apache.catalina.filters.HttpHeaderSecurityFilter </ filter-class>
         <init-param>
             <param-name> hstsEnabled </ param-name>
             <param-value> false </ param-value>
         </init-param>
         <init-param>
             <param-name> antiClickJackingEnabled </ param-name>
             <param-value> true </ param-value>
         </init-param>
         <init-param>
             <param-name> antiClickJackingOption </ param-name>
             <param-value> SAMEORIGIN </ param-value>
         </init-param>
         <init-param>
             <param-name> blockContentTypeSniffingEnabled </ param-name>
             <param-value> false </ param-value>
         </init-param>

</filter>

部署/服务器/jaggeryapps/portal/jagger.conf 

"filters": [
    {
      "name": "HttpHeaderSecurityFilter",
      "class": "org.apache.catalina.filters.HttpHeaderSecurityFilter",
      "params": [
        {
          "name": "hstsEnabled",
          "value": "false"
        },
		{
		  "name" : "antiClickJackingEnabled", 
		  "value" : "true"
		},
        { 
		  "name" : "antiClickJackingOption", 
		  "value" : "SAMEORIGIN"
		},
		{
		  "name" : "blockContentTypeSniffingEnabled", 
		  "value" : "false"
		}
      ]
    }

存储库/部署/服务器/webapps/shindig/WEB-INF/web.xml 

    <filter>
        <filter-name>HttpHeaderSecurityFilter</filter-name>
        <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
        
        <init-param>
            <param-name>hstsEnabled</param-name>
            <param-value>false</param-value>
		    </init-param>
		    <init-param>
			      <param-name>antiClickJackingEnabled</param-name>
			      <param-value>true</param-value>
        </init-param>
		    <init-param>
		      	<param-name>antiClickJackingOption</param-name>
		      	<param-value>SAMEORIGIN</param-value>
	     	</init-param>
		    <init-param>
		      	<param-name>blockContentTypeSniffingEnabled</param-name>
		      	<param-value>false</param-value>
        </init-param>
    </filter>

存储库/部署/服务器/webapps/shindig/WEB-INF/classes/web.xml 

<filter>
         <filter-name> HttpHeaderSecurityFilter </ filter-name>
         <filter-class> org.apache.catalina.filters.HttpHeaderSecurityFilter </ filter-class>
         <init-param>
             <param-name> hstsEnabled </ param-name>
             <param-value> false </ param-value>
         </ init-param>
         <init-param>
             <param-name> antiClickJackingEnabled </ param-name>
             <param-value> true </ param-value>
         </ init-param>
         <init-param>
             <param-name> antiClickJackingOption </ param-name>
             <param-value> SAMEORIGIN </ param-value>
         </ init-param>
         <init-param>
             <param-name> blockContentTypeSniffingEnabled </ param-name>
             <param-value> false </ param-value>
         </ init-param>

</ filter>

我得到以下结果

  

拒绝在框架中显示“ https://xx.xx.xx.xx:xx/carbon/admin/login.jsp”,因为它设置了多个“ X-Frame-Options”标头   值冲突(“ SAMEORIGIN,DENY”)。回退到“拒绝”。

两种类型(SAMEORIGIN,DENY)之间存在冲突,我是否需要更改其他内容?

谢谢。

0 个答案:

没有答案
相关问题
最新问题