Oftentimes you want to make sure your site isn't being IFRAME'd. Sometimes it's for security reasons, other times it's so your site's content isn't being skimmed else, and other times it's...oh, who cares, you just want to do it. Here's a short way to escape frames:
if (top.location != self.location) {
top.location = self.location.href;
}
Uglify this and you get 63 characters of gold. Simple, effective.
I remember the early days of JavaScript where you needed a simple function for just about everything because the browser vendors implemented features differently, and not just edge features, basic features, like addEventListener and attachEvent. Times have changed but there are still a few functions each developer should...
When you say or read "HTML5", you half expect exotic dancers and unicorns to walk into the room to the tune of "I'm Sexy and I Know It." Can you blame us though? We watched the fundamental APIs stagnate for so long that a basic feature...
Before we start, I want to say thank you to David for giving me this awesome opportunity to share this experience with you guys and say that I'm really flattered. I think that CSS animations are really great. When I first learned how CSS...
Since we've already figured out how to create TinyURL URLs remotely using PHP, we may as well create a small AJAX-enabled tiny URL creator. Using MooTools to do so is almost too easy. The XHTML (Form) We need an input box where the user will enter...
Sorry bit of a jacascript noob here – this sounds great but how would one implement it? Where does it go?
Again apologies for what must sound a simple question.
Just toss it at the top of your javascript file :). Really anywhere in your JS this would work.
Just don’t put it inside a function unless that your intention. For example if for some reason you want to give your users a chance to make sure the page isn’t iframed by clicking a button then you put that code in a function say unIFrameMe() and then call that function when onclick the button.
In general, you’ll want this code to be outside of a function, so it is run when the js is loaded.
EMILIO!
But what about the Frame Buster Buster?
http://stackoverflow.com/questions/958997/frame-buster-buster-buster-code-needed
Thanks for the answers re the javascript.
htaccess solutions might be better as they are not so easily bypassed:
To blocks all sites (including your own) from iframing your pages:
or to block any external site from iframing your pages:
You can also only block some of your urls with the x-frame-options header. Here’s an apache solution
Header always append
X-Frame-Options SAMEORIGIN# Block any site from applying an iframe.Apparently I didn’t use `pre` tags.