Cross Frame Scripting in iframes

1.5k Views Asked by SSN At 10 April 2025 at 18:24

I have a jsp page. It has 3 i-frames in it. I got a issue of cross frame scripting with it. I could load a page from any other domain to one of my i-frame. Can you please tell how to overcome this issue? I have tried following code:

             <style>
                html{display : none ; }
            </style>
            <script>
                if( self == top ) {
                    document.documentElement.style.display = 'block' ;
                } else {
                    top.location = self.location ;
                }


            </script>

and also I tried a filter which adds Header "X-FRAME-OPTIONS", SAMEORIGIN

Both are not working.

Original Q&A

There are 2 best solutions below

Parth On 22 May 2012 at 06:20

For html page from different origin loaded into your iframe, you can't access that page's window or any other object.

For communicating between html page loaded into iframe from different origin , you have to use "postMessage" function. For details & examples google postMessage in javascript,you get plenty of tutorials of it.

Peru On 18 September 2014 at 18:18

Try this script, it won't allow your pages to be used in iframes from other domains.

function bust() {
    var urlRefer = (window.location != window.parent.location) ? document.referrer: document.location;
    var envName = window.location.hostname;
    var envNameNew = new RegExp(envName);
    if (!(envNameNew.test(urlRefer))) {
        window.top.location="http://"+envName;  
    }
}
bust();

Cross Frame Scripting in iframes

There are 2 best solutions below

Related Questions in JAVASCRIPT

Related Questions in JAVA

Related Questions in DOM-EVENTS

Related Questions in JSPX

Trending Questions

Popular # Hahtags

Popular Questions