Iframe security pass

The check if someone show your website in iframe u use:

if (top.location != location) top.location.href = location.href;

Is this check breakable ?
rares_dumitrescuAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
hieloConnect With a Mentor Commented:
>>I mean if i want to keep the page in iframe
OK, I see. No you cannot. You do not have access to the javascript on the iframe page. The browser doesn't even know what the page in the iframe WILL send. As the page in the iframe is loading, the browser eventually sees the javascript code above and executes it as soon as it sees it.
0
 
hieloCommented:
>>Is this check breakable ?
Yes. If I disable javascript on my browser, I can embed your page in an iframe and view your page from within an iframe.

However, as long as javascript is enabled, it will force the page in the iframe to be loaded/viewable directly in the browser.
0
 
rares_dumitrescuAuthor Commented:
without disabling javascript ?
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
hieloCommented:
Like I said:
"However, as long as javascript is enabled, it will force the page in the iframe to be loaded/viewable directly in the browser."
0
 
rares_dumitrescuAuthor Commented:
If i am the one who uses iframe, can i trick it ? I mean if i want to keep the page in iframe.
0
 
scrathcyboyConnect With a Mentor Commented:
"f (top.location != location) top.location.href = location.href; "

is primarily used by major commercial sites with lots of embedded code, and the reason is, their pages are so complex that they cannot render correctly if stuffed into an Iframe on another page.  On very complex pages it matters -- on most other pages, it does not matter.  There are probably MILLIONS of smaller websites adding content from other sites into IFrames.  WHY WORRY ABOUT IT?  Others are doing it, and you can do it too -- most pages will work, some will not because of the code in them.  Try it to see.
0
All Courses

From novice to tech pro — start learning today.