Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?



Find us on Facebook

Follow us on Twitter

View our YouTube channel


 All Forums
 Technical
 Advanced Tips and Tricks - NO QUESTIONS PLEASE
 Prevent your site from being "framed"
 New Topic  Reply to Topic
 Printer Friendly
Author  Topic   

Marshall
Ecommerce Template Guru

USA
1565 Posts

Posted - 08/19/2018 :  22:00:33  
This problem is as old as the internet. Unscrupulous websites "frame" your website then surrond the page with ads or other junk which may have a negative impact on your site, and not just in sales, but reputation as well.

It use to be a simple JavaScript to the effect
<script type="text/javascript">
(function(window) {
if (window.location !== window.top.location) {
window.top.location = window.location;
}
})(this);
</script>
solved the problem. But with more browsers blocking automatic redirects such as this (Chrome being one) using this script is problematic. Here is an alternative. If you cannot get out of the frame, no sense letting them use your site at all. Simply place this in the <head> of your page(s)
<style> html{display:none;} </style>
<script>
if(self == top) {
document.documentElement.style.display = 'block';
} else {
top.location = self.location;
}
</script>
What this simply does is stop the display of your page's content. Yes, you might be stuck in a frame, but your content cannot be taken advantage of. I have tested this and it works like a charm. But remember, nothing is 100%.

Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

insight
ECT Moderator

USA
4193 Posts

Posted - 08/20/2018 :  07:28:30  
You can also set a X-Frame-Options header

Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart.php?gid=7

Marshall
Ecommerce Template Guru

USA
1565 Posts

Posted - 08/20/2018 :  07:39:21  
Thanks Peter. Was not familiar with that one.


Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

Positivek9
Ecommerce Template Guru

USA
4061 Posts

Pre-sales questions only
(More Details...)

Posted - 08/20/2018 :  08:53:21  
Found some info on that here:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

Julie
Owned & loved by 7 German Shepherds

Graham Slaughter
Ecommerce Template Expert

749 Posts

Posted - 01/09/2019 :  09:00:30  
For those of us on a Windows server it is as simple as adding this into your web.config file:

<add name="Content-Security-Policy" value="frame-ancestors 'none';" />
<add name="X-Frame-Options" value="deny" />


Those lines must appear inside
<configuration>
<system.webserver>
<httpProtocol>
<customHeaders>

(lines go here)

</customHeaders>
</httpProtocol>
</system.webserver>
</configuration>


You likely already have other bits inside your web.config, so you'll just add those lines inside the above tags and always ALWAYS test to see if your site works as errors in a web.config file will keep the entire site from loading at all.

Edited by - Graham Slaughter on 01/09/2019 09:00:54
   Topic   
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2019 ecommercetemplates.com
This page was generated in 0.02 seconds. Snitz Forums 2000