框架破坏但如果是我的话就不会
我们与另一个网站合作,希望在我们网站的 iframe 中显示他们的网站。
他们希望在他们的网站上实现框架破坏 javascript,这样如果我们以外的任何人尝试框架他们的网站,那么他们的网站就会脱离框架。
现在,他们使用这样的代码:
<style>
html{display : none ; }
</style>
<script>
if( self == top )
{ document.documentElement.style.display = 'block' ; }
else
{ top.location = self.location ; }
</script>
当我们的站点是容器框架时,他们如何确保不会发生框架破坏?
感谢您的帮助!
彼得
We've partenered with another website and want to display their website in an iframe on our website.
They want to implement frame busting javascript on their site so that if anyone other than us tries to frame their site then their site will bust out of the frame.
Right now, they're using code like this:
<style>
html{display : none ; }
</style>
<script>
if( self == top )
{ document.documentElement.style.display = 'block' ; }
else
{ top.location = self.location ; }
</script>
How can they ensure that when our site is the container frame, that the frame-busting does not occur?
Thanks for any help!
Peter
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
他们可以检查“else”子句中 top.location 的值,如果它包含您的域名,他们就可以跳过清理。它并不安全或其他任何东西,但怀疑是否有人有兴趣愚弄它。
They could check the value of top.location in that "else" clause, and if it contains your domain name, they could skip busting out. It's not like it's secure or anything, but it's doubtful anyone would be interested in fooling it.