open site in iFrame which avoids Frame Busting

Question

I am trying to open some site in iFrame which opens as popup. Some sites does not allow itself to open in iFrame (Frame Busting).

I have searched for this . i Have got some solution also like

$(window).bind('beforeunload', function (event) {

        return 'Custom message.';
        });

beforeunload not work for me, as it will run even when navigating within my site

and also I tried

 // Event handler to catch execution of the busting script.
        window.onbeforeunload = function () { prevent_bust++ };

        // Continuously monitor whether busting script has fired.
        setInterval(function () {
        if (prevent_bust > 0) {  // Yes: it has fired. 
        prevent_bust -= 2;     // Avoid further action.
        // Get a 'No Content' status which keeps us on the same page.

        window.top.location.href = 'http://mysiteurl/#';
        }
        }, 1);

above is also not working, it will redirect to the url which is being opened in iFrame.

So Is there any solution to open site (having Frame Buster) in IFrame.

Regards, Sagar Joshi

Answer 1

For IE use this in your frame security="restricted"

<iframe id="frame_id" name="frame_name" security="restricted" src="page.html">  
</iframe>

Edit: I was having the same issue but I needed scripts etc to run in my frame so security restricted was not good. Try using sandbox="..."

• allow-forms allows form submission
• allow-popups allows popups
• allow-pointer-lock allows pointer lock
• allow-same-origin allows the document to maintain its origin
• allow-scripts allows JavaScript execution, and also allows features to trigger automatically
• allow-top-navigation allows the document to break out of the frame by navigating the top-level window

Top navigation is what you want to prevent, so leave that out and it will not be allowed. Anything left out will be blocked

ex.

        <iframe sandbox="allow-same-origin allow-scripts allow-popups allow-forms" src="http://www.example.com"</iframe>