Saturday, April 16, 2022

[FIXED] How to prevent my site page to be loaded via 3rd party site frame of iFrame

      , , , ,      No comments   

Issue

How can I find out that my page is embedded as a frame to other site during page loading? I guess referrer request header can't help me here? Thanks.


Solution

You cannot check it from the server's side, but you can use javascript to detect it after the page has loaded. Compare top and self, if they're not identical, you are in a frame.

Additionally, some modern browsers respect the X-FRAME-OPTIONS header, that can have two values:

  • DENY – prevents the page from being rendered if it is contained in a frame
  • SAMEORIGIN – same as above, unless the page belongs to the same domain as the top-level frameset holder.

Users include Google's Picasa, that cannot be embedded in a frame.

Browsers that support the header, with the minimum version:

  • IE8 and IE9
  • Opera 10.50
  • Safari 4
  • Chrome 4.1.249.1042
  • Firefox 3.6.9 (older versions with NoScript)


Answered By - Maerlyn
Answer Checked By - Candace Johnson (PHPFixing Volunteer)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...