Reputation: 169
Cross Frame Scripting in iframes
I have a jsp page. It has 3 i-frames in it. I got a issue of cross frame scripting with it. I could load a page from any other domain to one of my i-frame. Can you please tell how to overcome this issue? I have tried following code:
<style>
html{display : none ; }
</style>
<script>
if( self == top ) {
document.documentElement.style.display = 'block' ;
} else {
top.location = self.location ;
}
</script>
and also I tried a filter which adds Header "X-FRAME-OPTIONS", SAMEORIGIN
Both are not working.
Upvotes: 0
Views: 1528
Answers (2)
Reputation: 1
Try this script, it won't allow your pages to be used in iframes from other domains.
function bust() {
var urlRefer = (window.location != window.parent.location) ? document.referrer: document.location;
var envName = window.location.hostname;
var envNameNew = new RegExp(envName);
if (!(envNameNew.test(urlRefer))) {
window.top.location="http://"+envName;
}
}
bust();
Upvotes: 0
Reputation: 529
For html page from different origin loaded into your iframe, you can't access that page's window or any other object.
For communicating between html page loaded into iframe from different origin , you have to use "postMessage" function. For details & examples google postMessage in javascript,you get plenty of tutorials of it.
Upvotes: 0
Related Questions
- Javascript changing values inside a iframe
- About iframes and event listeners
- Listen to events inside iFrame
- Handling iFrame event in the parent web page
- jquery handle events from external iframe
- Calling JavaScript function from other frame present in an iFrame
- iframe events in other html
- intercepting events over iframe
- Javascript: Event in iFrame
- Events to iframe