在Android WebView中浏览X-Frame-Options DENY

时间:2017-05-12 20:50:40

标签: android iframe

我正在尝试实施类似于this问题中描述的技术。

我有一个在webview中运行的android应用程序(基于Cordova构建的Ionic)。基本上我想要做的是将页面加载到iframe并在此页面上执行一些工作。许多网站使用X-Frame-Options: DENY标头禁止将其内容加载到iFrame中。在Chrome扩展程序中,您可以通过拦截webrequest并删除该标题来解决此问题。

我在此处覆盖了shouldInterceptRequest功能:https://developer.android.com/reference/android/webkit/WebViewClient.html 

  // Handle API until level 21
  @TargetApi(Build.VERSION_CODES.LOLLIPOP)
  @Override
  public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
    try {
      WebResourceResponse cordovaResponse = super.shouldInterceptRequest(view, request);
      if(cordovaResponse != null) {
        return cordovaResponse;
      }
      String url = request.getUrl().toString();
      HttpURLConnection urlConnection = (HttpURLConnection) new URL(url).openConnection();
      urlConnection.connect();
      //view.loadUrl(url, getCustomHeaders());
      WebResourceResponse response = new WebResourceResponse(urlConnection.getContentType(),
        urlConnection.getContentEncoding(),
        urlConnection.getInputStream());
      Map<String, String> headers = response.getResponseHeaders();
      if(headers != null){
        response.setResponseHeaders(removeXOriginHeaders(headers));
      }
      return response;

    } catch(MalformedURLException e) {
      e.printStackTrace();
      return null;
    }
    catch (IOException e) {
      e.printStackTrace();
      return null;
    }
  }`

但是当使用上述方法接收到所有请求的标头时,它们为空,当内容放入iframe时,它不会产生完整形成的文档。

Chrome调试器提供以下消息:Resource interpreted as Document but transferred with MIME type text/html;charset=UTF-8:

就像使用xhr获取页面内容然后卡在Document的单个元素内而不是像使用iframe时那样加载(所有脚本运行到执行,后续ajax请求被触发等)。

在删除了单个标题后,是否仍然要在iframe中加载页面内容?

1 个答案:

答案 0 :(得分:2)

我能够通过使用此处找到的OkHttpClient来解决我的问题:http://square.github.io/okhttp/而不是java URLConnection 

  // Handle API until level 21
  @TargetApi(Build.VERSION_CODES.LOLLIPOP)
  @Override
      public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
        try {
          WebResourceResponse cordovaResponse = super.shouldInterceptRequest(view, request);
          if(cordovaResponse != null) {
            return cordovaResponse;
          }
          String url = request.getUrl().toString();
          OkHttpClient httpClient = new OkHttpClient();
          Request okRequest = new Request.Builder()
            .url(url)
            .build();
          Response response = httpClient.newCall(okRequest).execute();
          Response modifiedResponse = response.newBuilder()
            .removeHeader("x-frame-options")
            .removeHeader("frame-options")
            .build();
          return new WebResourceResponse("text/html",
            modifiedResponse.header("content-encoding", "utf-8"),
            modifiedResponse.body().byteStream()
          );

    } catch(MalformedURLException e) {
      e.printStackTrace();
      return null;
    }
    catch (IOException e) {
      e.printStackTrace();
      return null;
    }
  }
相关问题
最新问题