防止 iframe 窃取

问题描述

我认为有人在使用 iframe 窃取我的内容.我的网站是一个论坛，一个用户刚刚向我举报.

I think someone is stealing my content using an iframe. My website is a forum and a user has just reported them to me.

如果其他人这样做，我如何以编程方式(php、JavaScript、jQuery、HTML)找到他们的网站?

How can I find their website programmatically (php,JavaScript,jQuery,HTML) if their are others doing this?

互联网上允许他们这样做吗?我可以采取行动吗?

Is this allowed on the internet for them to do this and can I take action?

推荐答案

使用 JavaScript 你可以做到

With JavaScript you can do

if(window.top==window){
 //not inside iframe
} else {
    if(parent.parent.someFunction){
       parent.parent.someFunction();
    } else {
       alert("framing is not allowed")
    }
}

或

if (window.top !== window.self) window.top.location.replace(window.self.location.href);

一些现代浏览器也支持 X-FRAME-OPTIONS 标头，它可以有两个值:

Some modern browsers also support the X-FRAME-OPTIONS header, that can have two values:

* DENY – prevents the page from being rendered if it is contained in a frame
* SAMEORIGIN – same as above, unless the page belongs to the same domain as the top-level frameset holder.

支持标题的浏览器:

* IE8 and IE9
* Opera 10.50
* Safari 4
* Chrome 4.1.249.1042
* Firefox with NoScript

这篇关于防止 iframe 窃取的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持html5模板网！