Prevent malicious nesting of pages by iframe and malicious nesting of iframe
New blog address: http://hengyunabc.github.io/prevent-iframe-stealing/Origin
The following code prevents nested iframe:
try { if (window.top != window.self) { var ref = document.referer; if (ref.substring(0, 2) === '//') {
Today, I visited a company website and suddenly found that the webpage was incorrect. Right-click to view HTMLCodeIFRAME is a website JS file. Needless to say, it must have been infected.
Go to the server and read the file.Source codeThe IFRAME Code does not exist, but the IFRAME code is automatically added to all websites on the server.
My first response was that the IIS ing was modified. I checked it.
Value of the iframe Parent and Child pages, and value of the iframe Parent and Child
Use jquery to operate iframe1. The content contains two ifameIn leftiframe, jQuery changes the src code of mainiframe:$ ("# Mainframe", parent.doc ument. body). attr ("src", "http://www.jb51.net ")
2. If the content contains an ifame with the ID of mainiframeIfame contains a someIDGet someID content$ ("# Mainiframe "). co
IFRAME is used for the application just completed, and the following is a record to be forgotten.
Requirement (
Program Personnel ):
1. The product query page (appitemsearch. aspx) sends a request: appitemintroduction. aspx? Itemid = xxx
2. Product Introduction page (appitemintroduction. aspx) queries the Link (itemintrodulink links field) of the corresponding XXX product introduction document from the itemintroductionlinks table in the Database Base
Js implementation to prevent iframe, js Implementation of iframe
This article describes how to prevent iframe from js implementations. Share it with you for your reference. The details are as follows:
Method 1:
Method 2:
I hope this article will help you design javascript programs.
When creating a custom pop-up layer a few days ago, iframe needs to be used for a translucent background. However, the problem is that iframe cannot directly set the background color, baidu and google found that most people set src for iframe to point to a target html page, which only sets the background color in the body. I always think this is not very good. Fi
HTML5 inline framework iFrame, html5 inline iframe
Currently, frame and frameset are rarely used and are out of date and replaced by div + CSS. Here is an example of the inline framework iFrame currently in use.
The so-called iFrame inline framework, in my understanding, is to nest a webpage inside the webpage, and can
How do you control the inline iframe scrolling in the page? The method is to use the scroll method of the iframe window:
1, get the Window object of the IFRAME
var iwin = document.getElementById (' iframe1 '). Contentwindow;
2, get the window Document object of the IFRAME
var doc = iwin.document;
3, invoke the scr
HTML code:
JS Code:
$(function(){ $("#btnclick").click(function(){ var frameSrc = "../ErrorPages/NoPermission.html"; $("#NoPermissioniframe").attr("src", frameSrc); $('#NoPermissionModal').modal({ show: true, backdrop: 'static' }); });});
:
Use the bootstrap framework to pop up the IFRAME page. In the pop-up mode box, enter the manned IFRAME page.
Description of IFrame framework usage and iframe framework usage
Example 1.
Needless to say.
Width: the width of the inserted page; height: the height of the inserted page; scrolling: whether to display the page scroll bar (optional parameters: auto, yes, no. If this parameter is omitted, the default value is auto ); frameborder border size;
Note: absolute paths are recommended for URLs.
For example, if y
refused to display ' http://www.***.com/login/dologin.html ' on a frame because it set ' x-frame-options ' to ' sameorigin‘. Trigger reason: The return header of the page is set x-frame-options Sameorigin and can only be referenced by an IFRAME of the same origin. The IFRAME across the domain cannot be displayed.Workaround:The first step is to remove the X-frame-options header from the server.The second ste
First Ajax can not upload files, which misled me for a while, tonight I do not sleep on the instructions to do a no refresh upload files
Actually, the principle is simple.
Copy the Code code as follows:
and the general
The label has more than one target property to specify where the tab opens and submits the data.
If you do not set this property, you will be redirected to open the URL in action on this page as usual.
If set to the name value of the IFR
Today, when the position of the iframe element in the dom tree changes:
1) In ie9, chrome, safari, and firefox browsers, changing the position of iframe In the dom will cause the orientation of iframe to be reloaded, and all resources will be requested here, and trigger the onload of iframe itself.
2) but other labels
Iframe usage summary, iframe usage
Example 1.
Needless to say.
Width: the width of the inserted page; height: the height of the inserted page; scrolling: whether to display the page scroll bar (optional parameters: auto, yes, no. If this parameter is omitted, the default value is auto ); frameborder border size;
Note: absolute paths are recommended for URLs.
For example, if you want to use "Baidu":
Black
The iframe embedded page elements are displayed on the parent page and displayed in full screen. iframe embedded
(I have been registering a blog for a long time, and I have never been willing to add anything to it. I think it is better to search for something and find it whenever I want to write something, but it is always necessary to start, so this is my first blog, and it will never be the last one. If y
Html checks whether the current page is in an iframe instance. The current iframe
When making HTML pages, we often encounter "if the current page is displayed in iframe, we will handle it accordingly"
The judgment method is as follows:
// Determine whether the iframe contains if (self! = Top) {parent. window. locati
This is an original translation article. Original address.
We often use IFRAMEs to load third party content, ads, or plug-ins. The IFRAME is used because it can be loaded in parallel with the main page and does not block the main page. Of course, the use of IFRAME is also pros and cons: Steve souders in his blog has elaborated: using IFRAMEs sparingly:
IFRAME
We often use IFRAMEs to load third party content, ads, or plug-ins. The IFRAME is used because it can be loaded in parallel with the main page and does not block the main page. Of course, the use of IFRAME is also pros and cons: Steve souders in his blog has elaborated:
using IFRAMEs sparingly:
IFRAME will block the OnLoad event on the main page
T
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.