Monday, October 06, 2008

Some of the common hacks use an inner frame to host your site, while the attacker controls the surrounding frame.

Using the following Javascript code, you can make sure your site is running the top frame in the browser:

        <script type="text/javascript">
          
          if (parent.frames.length > 0) {
            parent.location.replace(self.document.location);
          }
          
        </script>

The code will reload the current page in the parent window if it is within a frameset.

Kirk

Thursday, October 16, 2008 2:33:41 PM (New Zealand Standard Time, UTC+12:00)
As a note to this - Adobe use the following framebusting code on their settings page:

<script type="text/javascript">
// <![CDATA[
if (top!=self){
top.location.href=self.location.href;
}
// ]]>
</script>

There's more than one way to skin a cat!

Kirk
All comments require the approval of the site owner before being displayed.
Name
E-mail
Home page

Comment (HTML not allowed)