PHPFixing
  • Privacy Policy
  • TOS
  • Ask Question
  • Contact Us
  • Home
  • PHP
  • Programming
  • SQL Injection
  • Web3.0

Thursday, April 14, 2022

[FIXED] How to find valid links for iframes?

 April 14, 2022     api, iframe, javascript, x-frame-options     No comments   

Issue

If I use this code line:

<iframe src="https://www.google.com/" frameborder="0"></iframe>

The browser will deny the access to the website.

But if I use this src, suddenly it works :

<iframe src="https://www.google.com/webhp?igu=1" frameborder="0"></iframe>

I saw already couples of websites that the regular domain not working as iframe but additions like /webhp?igu=1 make it work.

  1. Why does it happen ? It's like the "key" / API for using it ?
  2. Where I can find working links to every website ? Those I found was only in stackoverflow. For example, If I use Amazon how can I find "working link" for iframe.

Thanks !


Solution

The X-Frame-Options: SAMEORIGIN header value is present in the headers from the https://www.google.com/ request. This prevents the page from loading in iframes. https://www.google.com/?igu=2 omits the X-Frame-Options header value. Meaning, the page can now be loaded into iframes. Apparently, the igu=2 value was used in one of Google's April fools pranks so their page could be loaded in an iframe. Meaning somewhere in Google's processing of query string values, webhp?igu=1 prevents X-Frame-Options from being added to the response headers. Prevention of the X-Frame-Options header value is not going to be something other major sites allow with simple query string values added to the request url.

You can view the headers of both https://www.google.com and https://www.google.com/webhp?igu=1 here to see the difference for yourself: https://headers.cloxy.net/



Answered By - Muller Digital
Answer Checked By - David Goodson (PHPFixing Volunteer)
  • Share This:  
  •  Facebook
  •  Twitter
  •  Stumble
  •  Digg
Newer Post Older Post Home

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Copyright © PHPFixing