Reputation: 47
How can I make it so no one can put my iWeb site in an iframe?
If anyone knows, I would like to make it so no one can put my iWeb site in an iframe? How do I make my pages automatically break out of iframes?
Upvotes: 1
Views: 79
Answers (2)
Reputation: 6113
There is also a http header X-Frame-Origin as specified here, that you can put into the server response, which will block the browser from rendering the iframe at all, if set to SAMEORIGIN.
However it's a browser dependant solution (as in the browser will have to support the header to respect its value), but nicer than JS trickery IMO.
Upvotes: 1
Reputation: 30436
This answer applies to this question as well:
This code will work if it is placed in the HTML that is referenced inside an iframe. The way it works is it looks at top (the page you requested that includes an iframe) and self the page inside the iframe. If there are different then it changes the top.location to match the URL of the iframe.
Here is some ASCII to help understand this
|----[OuterPage.html]------|
| |
| |--[InnerPage.html]-| |
| | | |
| | top !== self | |
| | | |
| |-------------------| |
| |
| top === self |
| |
|--------------------------|
If you request InnerPage.html by itself (not in an iframe) then top === self will evaluate to true, however if you request the same page inside an iframe then the same condition will evaluate as false.
Upvotes: 2
Related Questions
- How to prevent my site page from being loaded into other website iframe?
- How to stop my website being framed by others?
- How to prevent my site from loading in iframe using php
- Disallow iframes from displaying page
- HTML5 Iframe: Block remote requests
- How do you block your site from iframes?
- Stop Anyone From Viewing My Site Using an IFrame
- Make iframe invisible
- Prevent iframe breakout HTML 5 / JS
- How to prevent Iframe hack