好吧,您应该使用 x-frame-options 。
阅读本文,希望对您有所帮助:
http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-
clickjacking-with-x-frame-
options.aspx
我对jsp和servlet不熟悉,但是我认为您可以执行以下操作:
public class NoIframeAllowedServlet extends HttpServlet { public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setHeader("X-frame-Options", "SAMEORIGIN"); }
