Fatal编程技术网
  • javascript/
  • Javascript 在.htaccess中出现Clickjacking阻塞错误500

Javascript 在.htaccess中出现Clickjacking阻塞错误500

javascript html apache .htaccess iframe

Javascript 在.htaccess中出现Clickjacking阻塞错误500,javascript,html,apache,.htaccess,iframe,Javascript,Html,Apache,.htaccess,Iframe,为了在我的站点上中断iFraming,我在.httaccess文件(在Apache上运行)中添加了以下两行代码 只有添加X帧才能正常工作 当我添加内容安全策略行以及X-frame时,我得到一个错误500 我正在使用localhost 任何建议 <Files .htaccess> order allow,deny deny from all </Files> RewriteEngine On # Break any iFraming for clickjacking

为了在我的站点上中断iFraming,我在.httaccess文件(在Apache上运行)中添加了以下两行代码

只有添加X帧才能正常工作

当我添加内容安全策略行以及X-frame时,我得到一个错误500

我正在使用localhost

任何建议

<Files .htaccess>
order allow,deny
deny from all
</Files>

RewriteEngine On 

# Break any iFraming for clickjacking

Header always unset X-Frame-Options
Content-Security-Policy: frame-ancestors 'self'

# Disable Directory Browsing

Options All -Indexes
IndexIgnore *

# Blocks a lot of site rippers

RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WinHTTrack [OR] 
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Suck [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Zeus 
RewriteRule ^.* - [F,L]


命令允许,拒绝
全盘否定
重新启动发动机
#打破任何点击劫持的假象
标题始终未设置X帧选项
内容安全策略:框架祖先“自我”
#禁用目录浏览
选项所有-索引
IndexIgnore*
#阻止了大量的现场裂土器
重写COND%{HTTP_用户_代理}^黑寡妇[或]
重写cond%{HTTP\u USER\u AGENT}^Bot\mailto:craftbot@yahoo.com[或]
RewriteCond%{HTTP\u USER\u AGENT}^ChinaClaw[或]
RewriteCond%{HTTP\u USER\u AGENT}^Custo[或]
RewriteCond%{HTTP\u USER\u AGENT}^DISCo[或]
RewriteCond%{HTTP\u USER\u AGENT}^Download\Demon[或]
RewriteCond%{HTTP_USER_AGENT}^eCatch[或]
RewriteCond%{HTTP\u USER\u AGENT}^EirGrabber[或]
RewriteCond%{HTTP\u USER\u AGENT}^电子邮件虹吸[或]
RewriteCond%{HTTP\u USER\u AGENT}^EmailWolf[或]
RewriteCond%{HTTP\u USER\u AGENT}^Express\WebPictures[或]
RewriteCond%{HTTP\u USER\u AGENT}^ExtractorPro[OR]
RewriteCond%{HTTP\u USER\u AGENT}^EyeNetIE[或]
RewriteCond%{HTTP\u USER\u AGENT}^FlashGet[或]
RewriteCond%{HTTP\u USER\u AGENT}^GetRight[或]
重写cond%{HTTP\u USER\u AGENT}^GetWeb![或]
重写cond%{HTTP\u USER\u AGENT}^Go!齐拉[或]
RewriteCond%{HTTP\u USER\u AGENT}^继续,明白了[或]
RewriteCond%{HTTP\u USER\u AGENT}^GrabNet[或]
RewriteCond%{HTTP\u USER\u AGENT}^Grafula[或]
RewriteCond%{HTTP\u USER\u AGENT}^HMView[或]
RewriteCond%{HTTP\u USER\u AGENT}^WinHTTrack[或]
RewriteCond%{HTTP\u USER\u AGENT}HTTrack[NC,或]
RewriteCond%{HTTP\u USER\u AGENT}^Image\Stripper[或]
RewriteCond%{HTTP\u USER\u AGENT}^Image\Sucker[或]
RewriteCond%{HTTP\u USER\u AGENT}Indy\Library[NC,或]
RewriteCond%{HTTP\u USER\u AGENT}^InterGET[或]
重写COND%{HTTP_用户_代理}^Internet\Ninja[或]
RewriteCond%{HTTP\u USER\u AGENT}^JetCar[或]
RewriteCond%{HTTP\u USER\u AGENT}^JOC\Web\Spider[或]
RewriteCond%{HTTP\u USER\u AGENT}^larbin[或]
RewriteCond%{HTTP\u USER\u AGENT}^LeechFTP[或]
RewriteCond%{HTTP\u USER\u AGENT}^Mass\Downloader[或]
RewriteCond%{HTTP\u USER\u AGENT}^MIDown\tool[或]
RewriteCond%{HTTP\u USER\u AGENT}^Mister\PiX[或]
RewriteCond%{HTTP_USER_AGENT}^Navroad[OR]
RewriteCond%{HTTP\u USER\u AGENT}^NearSite[或]
RewriteCond%{HTTP\u USER\u AGENT}^NetAnts[或]
RewriteCond%{HTTP_USER_AGENT}^NetSpider[或]
RewriteCond%{HTTP\u USER\u AGENT}^Net\Vampire[或]
RewriteCond%{HTTP\u USER\u AGENT}^NetZIP[或]
重写Cond%{HTTP_用户_代理}^八达通[或]
RewriteCond%{HTTP\u USER\u AGENT}^Offline\Explorer[或]
RewriteCond%{HTTP\u USER\u AGENT}^Offline\Navigator[或]
RewriteCond%{HTTP\u USER\u AGENT}^PageGrabber[或]
重写cond%{HTTP\u USER\u AGENT}^Papa\Foto[或]
RewriteCond%{HTTP_USER_AGENT}^pavuk[或]
RewriteCond%{HTTP_USER_AGENT}^pcBrowser[或]
RewriteCond%{HTTP\u USER\u AGENT}^RealDownload[或]
RewriteCond%{HTTP\u USER\u AGENT}^ReGet[或]
RewriteCond%{HTTP_用户_代理}^SiteSnagger[或]
RewriteCond%{HTTP\u USER\u AGENT}^智能下载[或]
RewriteCond%{HTTP\u USER\u AGENT}^SuperBot[或]
RewriteCond%{HTTP\u USER\u AGENT}^superhattp[或]
RewriteCond%{HTTP\u USER\u AGENT}^Surfbot[或]
RewriteCond%{HTTP\u USER\u AGENT}^抽头[或]
RewriteCond%{HTTP\u USER\u AGENT}^Teleport\Pro[或]
RewriteCond%{HTTP_USER_AGENT}^VoidEYE[或]
RewriteCond%{HTTP\u USER\u AGENT}^Web\Image\Collector[或]
RewriteCond%{HTTP\u USER\u AGENT}^Web\Sucker[或]
RewriteCond%{HTTP\u USER\u AGENT}^Suck[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebAuto[或]
RewriteCond%{HTTP_USER_AGENT}^WebCopier[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebFetch[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebGo\IS[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebLeacher[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebReaper[或]
RewriteCond%{HTTP_USER_AGENT}^WebSauger[或]
RewriteCond%{HTTP\u USER\u AGENT}^网站\提取器[或]
重写COND%{HTTP_用户_代理}^网站\Quester[或]
RewriteCond%{HTTP_USER_AGENT}^WebStripper[或]
RewriteCond%{HTTP_USER_AGENT}^WebWhacker[或]
RewriteCond%{HTTP\u USER\u AGENT}^WebZIP[或]
RewriteCond%{HTTP\u USER\u AGENT}^Wget[或]
RewriteCond%{HTTP\u USER\u AGENT}^寡妇[或]
RewriteCond%{HTTP\u USER\u AGENT}^WWWOFFLE[或]
RewriteCond%{HTTP_USER_AGENT}^Xaldon\WebSpider[或]
重写cond%{HTTP\u USER\u AGENT}^Zeus
重写规则^.*-[F,L]
我认为它的
内容安全策略:“框定祖先的自我”
#破坏任何点击劫持的iFraming
标题始终未设置X-frame-Options
。。。没有
X-Frame-Options
“中断点击劫持”怎么办?解决了!需要在Apache:a2enmod headers sudo service apache2 restart上启用头文件,然后在Apache:sudo nano/etc/apache2/sites available/000-default.conf上编辑默认虚拟主机文件将此添加到文件:Header set Content Security Policy“frame concents'none';“再次重新启动Apache HTAccess-省去内容安全策略行,但是保留X-Frame one,它可以很好地工作:)我认为它的
内容安全策略:“框架祖先的自我”
#打破点击劫持的任何iFraming
标题总是取消X-Frame-Options
。。。没有
X-Frame-Options
“中断点击劫持”怎么办?解决了!需要在Apache:a2enmod headers sudo service apache2 restart上启用头文件,然后在Apache:sudo nano/etc/apache2/sites available/000-default.conf上编辑默认虚拟主机文件将此添加到文件:Header set Content Security Policy“frame concents'none';“再次重新启动Apache HTAccess-省去内容安全策略行,但保留X-Frame 1,它会很好地工作:) 
<Files .htaccess>
order allow,deny
deny from all
</Files>

RewriteEngine On 

# Break any iFraming for clickjacking

Header always unset X-Frame-Options
Content-Security-Policy: frame-ancestors 'self'

# Disable Directory Browsing

Options All -Indexes
IndexIgnore *

# Blocks a lot of site rippers

RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] 
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] 
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WinHTTrack [OR] 
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] 
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] 
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] 
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] 
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] 
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] 
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] 
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] 
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] 
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] 
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Suck [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] 
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Zeus 
RewriteRule ^.* - [F,L]