Oftentimes you want to make sure your site isn't being IFRAME'd. Sometimes it's for security reasons, other times it's so your site's content isn't being skimmed else, and other times it's...oh, who cares, you just want to do it. Here's a short way to escape frames:
if (top.location != self.location) {
top.location = self.location.href;
}
Uglify this and you get 63 characters of gold. Simple, effective.
My first professional web development was at a small print shop where I sat in a windowless cubical all day. I suffered that boxed in environment for almost five years before I was able to find a remote job where I worked from home. The first...
My trip to Mozilla Summit 2013 was incredible. I've spent so much time focusing on my project that I had lost sight of all of the great work Mozillians were putting out. MozSummit provided the perfect reminder of how brilliant my colleagues are and how much...
Anyone that's been in the web development industry for 5+ years knows that there are certain features that we should have had several years ago. One of those features is the HTML5 placeholder; we used JavaScript shims for a decade before placeholder came...
A while back I read a very interesting article by MooTools core developer Jan Kassens about how to create a custom pseudo selector in MooTools. I was surprised at the ease in which one can add their own pseudo selector that I...
Sorry bit of a jacascript noob here – this sounds great but how would one implement it? Where does it go?
Again apologies for what must sound a simple question.
Just toss it at the top of your javascript file :). Really anywhere in your JS this would work.
Just don’t put it inside a function unless that your intention. For example if for some reason you want to give your users a chance to make sure the page isn’t iframed by clicking a button then you put that code in a function say unIFrameMe() and then call that function when onclick the button.
In general, you’ll want this code to be outside of a function, so it is run when the js is loaded.
EMILIO!
But what about the Frame Buster Buster?
http://stackoverflow.com/questions/958997/frame-buster-buster-buster-code-needed
Thanks for the answers re the javascript.
htaccess solutions might be better as they are not so easily bypassed:
To blocks all sites (including your own) from iframing your pages:
or to block any external site from iframing your pages:
You can also only block some of your urls with the x-frame-options header. Here’s an apache solution
Header always append
X-Frame-Options SAMEORIGIN# Block any site from applying an iframe.Apparently I didn’t use `pre` tags.