WalkURLs ọ bụ n'efu kpamkpam?

Ee. WalkURLs bụ n'efu kpamkpam enweghị ụgwọ zoro ezo, enweghị ọkwa dị elu, achọghịkwa akaụntụ. Mepee peeji ahụ, tinye URL gị, wee malite ilele.

Gịnị mere ụfọdụ webụsaịtị ji apụta ihe efu?

Ọtụtụ webụsaịtị na-egbochi itinye iframe site na X-Frame-Options ma ọ bụ nkụnye isi Content-Security-Policy. Nke a bụ njirimara nchekwa ihe nchọgharị. Webụsaịtị nke gị na-arụ ọrụ nke ọma ma ọ bụrụ na ị hazie nkụnye isi ziri ezi.

Kedu ka m ga-esi mee ka webụsaịtị m rụọ ọrụ na WalkURLs?

Tọọ nkụnye isi Content-Security-Policy ka ọ bụrụ: frame-ancestors 'self' https://walkurls.com. Nke a na-enye WalkURLs ohere itinye saịtị gị ebe ọ na-echekwa ya n'aka isi mmalite ndị ọzọ.

WalkURLs ọ na-arụ ọrụ na ekwentị?

Ee. WalkURLs na-anabata nke ọma ma na-arụ ọrụ na ngwaọrụ ọ bụla nwere ihe nchọgharị ọgbara ọhụrụ. Sidebar ahụ na-aghọ ihe mkpuchi ihuenyo zuru oke na ekwentị maka njikwa URL dị mfe.

WalkURLs — Ihe Nlele URL N'usoro Na Ịntanetị N'efu

Ọsọ Ije

Nhọrọ onwe:

Na-aga kwa 5,000 ms (5 sekọnd)

Enweghị URL ebutere

0 / 0

Tinye URL na sidebar iji malite

Pịa S iji gbanwee sidebar · ? maka enyemaka

Webụsaịtị a nwere ike igbochi itinye iframe. Peeji ahụ nwere ike ịpụta ihe efu.

Gịnị mere peeji ahụ ji bụrụ ihe efu?

Ọtụtụ webụsaịtị na-egbochi itinye iframe site na nkụnye isi HTTP. Nke a bụ njirimara nchekwa na-echekwa megide clickjacking.

⚠ Otu igbochi si arụ ọrụ

Webụsaịtị na-eziga nkụnye isi na-agwa ihe nchọgharị gị: "Etinyela m." Ihe nchọgharị ahụ na-erubere isi → iframe efu.

Nkụnye isi	Mmetụta
`X-Frame-Options: DENY`	Na-egbochi ihe niile
`X-Frame-Options: SAMEORIGIN`	Otu domain naanị
`CSP: frame-ancestors 'none'`	Igbochi ọgbara ọhụrụ

Ndakọrịta

Saịtị	Ọnọdụ
Google, Gmail, GitHub	Egbochiri
Facebook, X / Twitter	Egbochiri
Wikipedia	Akụkụ ụfọdụ
Webụsaịtị nke gị	Na-arụ ọrụ ✓
Ngwaọrụ ime / dashboards	Na-arụ ọrụ ✓
Saịtị kwụ ọtọ / akwụkwọ	Na-arụ ọrụ ✓

Mee ka saịtị gị rụọ ọrụ

✓ A na-akwado

Tọọ frame-ancestors ka ọ kwere naanị walkurls.com.

Apache (.htaccess)

Header set Content-Security-Policy "frame-ancestors 'self' https://walkurls.com"
Header unset X-Frame-Options

Nginx

add_header Content-Security-Policy "frame-ancestors 'self' https://walkurls.com";

Node.js / Express

app.use((req, res, next) => {
  res.setHeader('Content-Security-Policy',
    "frame-ancestors 'self' https://walkurls.com");
  res.removeHeader('X-Frame-Options');
  next();
});

PHP

header("Content-Security-Policy: frame-ancestors 'self' https://walkurls.com");
header_remove("X-Frame-Options");

Vercel (vercel.json)

{
  "headers": [{
    "source": "/(.*)",
    "headers": [{
      "key": "Content-Security-Policy",
      "value": "frame-ancestors 'self' https://walkurls.com"
    }]
  }]
}

Netlify (_headers)

/*
  Content-Security-Policy: frame-ancestors 'self' https://walkurls.com

Ule

Mepee DevTools F12 → Console. Ọ bụrụ na egbochiri:

Refused to display 'https://...' in a frame
because it set 'X-Frame-Options' to 'deny'.

Lelee nkụnye isi site na terminal:

curl -I https://your-site.com | grep -i "frame\|content-security"

Nchekwa

⚠ Ejila frame-ancestors * na mmepụta

Na-ekwupụta mgbe niile: https://walkurls.com

Ụzọ mkpirisi igodo

← →	Nke Gara Aga / Nke Ọzọ
Space	Gbanwee igwu akpaaka
Home End	Nke Mbụ / Nke Ikpeazụ
S	Gbanwee sidebar
F	Ihuenyo zuru oke
?	Panel enyemaka a

Enyemaka & Idozi Nsogbu