Question: How can I safeguard my web page against unauthorized embedding within iFrames hosted on third-party websites?
Answer:
While identifying the presence of an iFrame embedding your page from the server-side is technically infeasible, you can employ JavaScript to perform this check after the page has loaded. By comparing the "top" and "self" window objects, you can determine if your page is being rendered within an iFrame.
Furthermore, some modern browsers offer support for the X-FRAME-OPTIONS header, which provides additional control over iFrame embedding. This header accepts two values:
Utilizing the X-FRAME-OPTIONS header, you can prevent unauthorized framing of your content. Browsers that support this header include:
The above is the detailed content of How to Prevent Unauthorized iFrame Embedding of Your Webpage?. For more information, please follow other related articles on the PHP Chinese website!