我有这段代码
<iframe src="http://matrix.crebtools.com/Matrix/public/IDX.aspx?idx=5a251ec" width="860px" height="520px"></iframe>
它在本地工作,但它不适用于heroku 在heroku上它显示白色空白
所以我把application.rb放在了这段代码中,但它仍然无效
在applications.rb
中module MohamedHatata
class Application < Rails::Application
config.action_dispatch.default_headers = {
'X-Frame-Options' => 'ALLOWALL'
}
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
# config.time_zone = 'Central Time (US & Canada)'
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
# config.i18n.default_locale = :de
end
end
我花了两天时间试着找出解决方案,请任何人帮助我
答案 0 :(得分:2)
如果您打开javascript控制台,则会发现mixed content警告。
混合内容:页面位于 &#39; https://mohamed-hatata.herokuapp.com/downsizes/new&#39;装满了 HTTPS,但请求不安全的资源 &#39; http://matrix.crebtools.com/Matrix/public/IDX.aspx?idx=5a251ec&#39 ;.这个 请求已被阻止;内容必须通过HTTPS提供。
如果您通过http://mohamed-hatata.herokuapp.com/downsizes/new而不是https://mohamed-hatata.herokuapp.com/downsizes/new访问了自己的网站,那么您的iframe运行正常。
config.action_dispatch.default_headers将由在您的应用程序内部加载的网站设置,而不是由您的应用程序本身设置。
详细了解混合内容 - https://developer.mozilla.org/en/docs/Security/MixedContent