Nginx server edit to allow iframes from any site

Time: 2015-09-21 13:02:31

Tags: django nginx

I have run curl -I www.site.com and this is the result:

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Sep 2015 13:16:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 103555
Connection: keep-alive
Vary: Accept-Encoding
Vary: Cookie
X-Frame-Options: SAMEORIGIN
Set-Cookie: csrftoken=hkixBLlqGGXlt1fGrbfBM3aF3G1Cpxxp; expires=Mon, 19-Sep-2016 13:16:11 GMT; Max-Age=31449600; Path=/

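I need to edit the server's X-Frame-Options: to allow everyone. This is delicate, so I don't want to test without being sure. I would appreciate some light on this.

1 answer:

Answer 0 (score: 2)

I removed the clickjacking prevention in the middleware and it works flawlessly.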

MIDDLEWARE_CLASSES = (
    #'django.middleware.cache.UpdateCacheMiddleware',
    #'django.middleware.gzip.GZipMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    #'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'django.contrib.redirects.middleware.RedirectFallbackMiddleware',
    #'django.middleware.cache.FetchFromCacheMiddleware',
    'minidetector.Middleware',
    'mobileesp.middleware.MobileDetectionMiddleware',
    #'django_mobileesp.middleware.UserAgentDetectionMiddleware',
)
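As an added example (not part of the original question or answer), the check below reads a header block like the `curl -I` output above and reports who is allowed to frame the response, so the effect of removing `XFrameOptionsMiddleware` can be confirmed. It goes beyond the header shown in the question by also reading the CSP `frame-ancestors` directive; the function names, sample header blocks and `https://partner.example` are constructed for illustration.

```python
# Added example: classify the framing policy in a raw response header block.
# All names and sample data here are hypothetical / constructed.

def parse_headers(raw):
    """Return {lowercased-name: [values]} from a raw HTTP response header block."""
    headers = {}
    for line in raw.strip().splitlines()[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def framing_policy(raw):
    """Describe which origins may embed the response in a frame."""
    headers = parse_headers(raw)
    # Browsers that support CSP frame-ancestors use it in preference to
    # X-Frame-Options. Simplification: only the first directive found is read.
    for policy in headers.get("content-security-policy", []):
        for directive in policy.split(";"):
            parts = directive.split()
            if parts and parts[0].lower() == "frame-ancestors":
                sources = parts[1:]
                if not sources or sources == ["'none'"]:
                    return "deny"
                if sources == ["'self'"]:
                    return "same-origin"
                if "*" in sources:
                    return "any-origin"
                return "allow-list: " + " ".join(sources)
    xfo = [v.upper() for v in headers.get("x-frame-options", [])]
    if not xfo:
        return "any-origin"        # no framing header: every site may frame the page
    if "DENY" in xfo:
        return "deny"
    if "SAMEORIGIN" in xfo:
        return "same-origin"
    return "unrecognised: " + ", ".join(xfo)   # e.g. the obsolete ALLOW-FROM

# Constructed samples: the question's response, the same response once the
# middleware is removed, and one scoped to a single partner origin.
BEFORE = """HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN"""
AFTER = "\n".join(BEFORE.splitlines()[:-1])
SCOPED = AFTER + "\nContent-Security-Policy: frame-ancestors 'self' https://partner.example"

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER), ("scoped", SCOPED)):
        print(label, "->", framing_policy(raw))
```

X-Frame-Options has no "allow everyone" value, so a response with the header removed is what reports `any-origin` here.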