JavaScript FrameBuster Snippet
Oftentimes you want to make sure your site isn't being IFRAME'd. Sometimes it's for security reasons, other times it's so your site's content isn't being skimmed else, and other times it's...oh, who cares, you just want to do it. Here's a short way to escape frames:
if (top.location != self.location) {
top.location = self.location.href;
}
Uglify this and you get 63 characters of gold. Simple, effective.
![39 Shirts – Leaving Mozilla]()
In 2001 I had just graduated from a small town high school and headed off to a small town college. I found myself in the quaint computer lab where the substandard computers featured two browsers: Internet Explorer and Mozilla. It was this lab where I fell...
![Conquering Impostor Syndrome]()
Two years ago I documented my struggles with Imposter Syndrome and the response was immense. I received messages of support and commiseration from new web developers, veteran engineers, and even persons of all experience levels in other professions. I've even caught myself reading the post...
![Comment Preview Using MooTools]()
Comment previewing is an awesome addition to any blog. I've seen really simple comment previewing and some really complex comment previewing. The following is a tutorial on creating very basic comment previewing using MooTools.
The XHTML
You can set up your XHTML any way you'd like.
![Using Opacity to Show Focus with MooTools]()
I'm a huge fan of using subtle effects like link nudging (jQuery, MooTools) to enhance the user experience and increase the perceived dynamism of my websites. Trust me -- a lot of little things are what take websites to the next level.
Sorry bit of a jacascript noob here – this sounds great but how would one implement it? Where does it go?
Again apologies for what must sound a simple question.
Just toss it at the top of your javascript file :). Really anywhere in your JS this would work.
Just don’t put it inside a function unless that your intention. For example if for some reason you want to give your users a chance to make sure the page isn’t iframed by clicking a button then you put that code in a function say unIFrameMe() and then call that function when onclick the button.
In general, you’ll want this code to be outside of a function, so it is run when the js is loaded.
EMILIO!
But what about the Frame Buster Buster?
http://stackoverflow.com/questions/958997/frame-buster-buster-buster-code-needed
Thanks for the answers re the javascript.
htaccess solutions might be better as they are not so easily bypassed:
To blocks all sites (including your own) from iframing your pages:
or to block any external site from iframing your pages:
You can also only block some of your urls with the x-frame-options header. Here’s an apache solution
Header always append
X-Frame-Options SAMEORIGIN
# Block any site from applying an iframe.Apparently I didn’t use `pre` tags.