pylixm / django-mdeditor

Django-mdeditor is a Markdown editor plugin application for Django, based on Editor.md.
https://pypi.org/project/django-mdeditor/
GNU General Public License v3.0
481 stars 103 forks

Django middleware affects the image upload feature #183

Open wintersnowlc opened 5 months ago

wintersnowlc commented 5 months ago

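Django enables the django.middleware.clickjacking.XFrameOptionsMiddleware middleware by default, which makes the local image upload feature unusable. The image is uploaded and stored correctly, but the editor cannot obtain the path of the uploaded image. Removing this middleware would cause security problems. The browser reports the following errors: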

```
Refused to display 'http://localhost:8000/' in a frame because it set 'X-Frame-Options' to 'deny'.
VM223:647 Uncaught TypeError: Cannot read properties of null (reading 'classList')
    at HTMLDocument.onDocumentLoad (VM223:647:19)
onDocumentLoad @ VM223:647
image-dialog.js:158 Uncaught DOMException: Failed to read a named property 'document' from 'Window': Blocked a frame with origin "http://localhost:8000/" from accessing a cross-origin frame.
    at uploadIframe.onload (http://localhost:8000/static/mdeditor/js/plugins/image-dialog/image-dialog.js:158:129)
uploadIframe.onload @ image-dialog.js:158
load(异步)
submitHandler @ image-dialog.js:154
dispatch @ jquery.js:5145
elemData.handle @ jquery.js:4949
trigger @ jquery.js:8629
(匿名) @ jquery.js:8707
each @ jquery.js:383
each @ jquery.js:205
trigger @ jquery.js:8706
(匿名) @ image-dialog.js:179
dispatch @ jquery.js:5145
elemData.handle @ jquery.js:4949
```

The default Django middleware configuration is as follows:

```python
MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
```

The package versions I am using are as follows:

```
Package          [Version]
asgiref          3.8.1
Django           5.0.3
django-mdeditor  0.1.20
Markdown         3.6
pillow           10.3.0
pip              24.0
Pygments         2.17.2
setuptools       68.2.0
sqlparse         0.4.4
tzdata           2024.1
wheel            0.41.2
```