Reputation: 4262
Make webpage not embeddable
I'm developing a PHP website and it's crucial that some of its webpages, which are user generated, must be not embeddable in an iframe on other domains unless I want to.
Is there a way to accomplish this? I noticed i.e. that Vimeo offers premium users to set a list of domains on which a video can be embedded, so I imagine that this is possible in some ways, despite I haven't found anything around...
Thanks!
Upvotes: 1
Views: 54
Answers (2)
Reputation: 1889
Have a look at the referrer.
if (!in_array($_SERVER['HTTP_REFERER'], $allowedReferers)) {
// STOP !!!!
echo "not today baby!";
die();
}
// GO !!!!
Upvotes: 0
Reputation: 2853
You could include a javascript-code on pages that are not allowed as/in iframes, that redirects the top-frame and the iframe becomes useless in most cases.
if ( window.self !== window.top ) {
window.top.location.href = window.location.href;
}
Most modern Browsers also respect the header-field X-FRAME-OPTIONS that can be set to DENY (page did not get displayed inside frames) or SAMEORIGIN (same as DENY, but only if the domain is not the same).
Upvotes: 1
Related Questions
- How to prevent my site page from being loaded into other website iframe?
- How to prevent my site from loading in iframe using php
- How to hide Iframe src?
- Allow a page to be iframed, but disallow it displaying on it's own
- Disallow iframes from displaying page
- Stop Anyone From Viewing My Site Using an IFrame
- How to prevent a page from showing outside of an iframe
- prevent page opening on an iframe?
- how to block the content of iframes from browser calls
- How to hide an iframe url in HTML source code