Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
 
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

Find us on Facebook Follow us on Twitter View our YouTube channel
Search our site
Forum Search
Google Site Search
Buy now for ...
How it works
General help
 All Forums
 Technical
 Advanced Tips and Tricks - NO QUESTIONS PLEASE
 Prevent your site from being "framed"
Author « Topic »  

Marshall
Ecommerce Template Guru

USA
1984 Posts

Pre-sales questions only
(More Details...)

Posted - 08/19/2018 :  22:00:33  
This problem is as old as the internet. Unscrupulous websites "frame" your website then surrond the page with ads or other junk which may have a negative impact on your site, and not just in sales, but reputation as well.

It use to be a simple JavaScript to the effect [code]<script type="text/javascript">
(function(window) {
if (window.location !== window.top.location) {
window.top.location = window.location;
}
})(this);
</script>[/code] solved the problem. But with more browsers blocking automatic redirects such as this (Chrome being one) using this script is problematic. Here is an alternative. If you cannot get out of the frame, no sense letting them use your site at all. Simply place this in the <head> of your page(s) [code]<style> html{display:none;} </style>
<script>
if(self == top) {
document.documentElement.style.display = 'block';
} else {
top.location = self.location;
}
</script>[/code] What this simply does is stop the display of your page's content. Yes, you might be stuck in a frame, but your content cannot be taken advantage of. I have tested this and it works like a charm. But remember, nothing is 100%.

Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

insight
ECT Moderator

USA
4479 Posts
Posted - 08/20/2018 :  07:28:30  
You can also set a X-Frame-Options header

Peter

ServeLink
Professional ecommerce web hosting for ASP & PHP
https://servelink.com

Take a look at our image upload/resize tool for the ASP cart
https://servelink.com/clients/cart.php?gid=7

Marshall
Ecommerce Template Guru

USA
1984 Posts

Pre-sales questions only
(More Details...)
Posted - 08/20/2018 :  07:39:21  
Thanks Peter. Was not familiar with that one.


Marshall
CENLYT Productions - ms designs
Affordable Web Design
Custom Ecommerce Designs
Responsive Websites
Cenlyt.com

Positivek9
Ecommerce Template Guru

USA
4061 Posts

Pre-sales questions only
(More Details...)
Posted - 08/20/2018 :  08:53:21  
Found some info on that here:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

Julie
Owned & loved by 7 German Shepherds

Graham Slaughter
Ecommerce Template Expert

851 Posts
Posted - 01/09/2019 :  09:00:30  
For those of us on a Windows server it is as simple as adding this into your web.config file:

<add name="Content-Security-Policy" value="frame-ancestors 'none';" />
<add name="X-Frame-Options" value="deny" />


Those lines must appear inside
<configuration>
<system.webserver>
<httpProtocol>
<customHeaders>

(lines go here)

</customHeaders>
</httpProtocol>
</system.webserver>
</configuration>


You likely already have other bits inside your web.config, so you'll just add those lines inside the above tags and always ALWAYS test to see if your site works as errors in a web.config file will keep the entire site from loading at all.
Edited by - Graham Slaughter on 01/09/2019 09:00:54
  « Topic »  
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2022 ecommercetemplates.com
This page was generated in 0.03 seconds. Snitz Forums 2000