Blocking frames from displaying a site from another domain - javascript

I am currently creating a script for Greasemonkey for which i have to create an iframe and display a site from a different domain, but it is not loading.
So I tryd it on another site and it worked -
So my question: Is there a setting which controlls this behaviour?
If you need any more information please tell me

Related

How to do screenshot for frontend page with iframe?

I have made a screenshot function with Javascript for our page, when user click to send issues to us, it will automatically do screenshot of the page through "html2canvas", so we could see something in the snapshot about the issue.
Since we use Iframe to load third-party sites, "html2canvas" don't work to do screenshot inside the Iframe. I searched and found that this library does not support Iframe.
Then I found the "MediaDevices.getDisplayMedia()" screen capture API, I could use it to capture the page. Howerver, as the api could capture screen out of browser page, it needs user permission every time Javascript do screenshot.
I wonder if anyone know a tool or sdk that could screenshot the web page with iframe, without user operation. Thank you!

Refused to display google in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'

I was wondering to make something for fun like website with look of desktop and files, folders...
When I try to make a "web browser" I need iframe for displaying the page inside iframe.
But pages like google.com, facebook.com, twitter.com, youtube.com dooesn't allow this.
Is there way to manage trough it or it is disabled in any way?
I know it is made for security reasons but why would this what I need damage the site up?
I tried with javascript: load() and php print file_get_contents()
Load doesnt work and php just copy paste the page content...
There is not workaround as it's for security reason, this is done to prevent clickjacking (also called a "UI redress" attack). In a clickjacking attack, the page displays a click-activated component of another site inside an <iframe> and tricks the user into clicking it (usually by layering the the target component on top of an apparently-clickable feature of the framing site).
Reference link 1
Reference link 2

Invoking javascript from ifram to the whole website

does anybody know how can I expand javascript so that it targets whole website not only the page in iframe it is on. Im currently using a javascript for gallery on my website, so when you click on a picture it pops up enlarged, however since the page with javascript is in an iframe it shows only in the iframe, how can I accomplish the pop up to expand to the whole page?
Thanks in advance.
Iframes can call out to the window which embeds them using simple javascript (see window.frames on http://www.w3schools.com/jsref/prop_win_frames.asp). However, if src of the iframe is on a different domain, then the script can only affect the iframe, due to security policy within the browser.
If you'd like to apply a work-around, there are some solutions like this: Yet Another cross-domain iframe resize Q&A
These solutions tend to break on different browsers and with updates to browsers.
Your best bet is keeping the entire iframe contents within the browser by writing the iframe code yourself (and hosting on your own domain).

loading javascript and communication between iframes

I've developed some javascript code that renders an iframe on the page. Inside the frame, it loads various API's for social networking, such as facebook, twitter, linked in, etc. It's basically a tool for the website to allow users to sign in with their social network. I've also created a simple jQuery plugin that loads this iframe into a modal popup.
Here's the problem:
The main iframe is loaded on the site, but the developer also wants to use the jquery plugin on the same page. It works fine, but ALL of the javascript is being loaded a 2nd time. So basically it is a huge waste of resources, as every social networking api is being loaded twice. I was wondering if there was a way to track that the api's have already been loaded, and to stop loading them again. The 2 iframes are exactly identical.
I tried adding some properties to window.top, but this doesn't work because of cross domain limitations. The two iframes are of the same domain, but the main site is a different domain.
I was also wondering if an iframe can detect if the main window has loaded jquery, as that is being loaded again even when it's not necessary.
Any advice and suggestion would be appreciated,
Thanks!
You should not use an iframe for this. It sounds like you are creating a 'login pop-up' for users to login, say if they clicked 'comment' and were not already logged in. Just use a div, and float it absolutely above the rest of page.

How to add Return Home button to external sites?

I am developing a website with some links to some pages on external websites (belonging to the same company).
The client wants to add a way to easily return to the home site, i.e. something better than just using the browser's Back button, and something better than just opening the external links in a new browser window.
Seeing as I can't control the content of the external pages, I'm guessing that I will have load those external pages into a frame somewhere along the line.
So is there a way for a link to load a local page with a frameset, with the external page loaded into one of the frames? (Then we could have a "Return Home" button in the other frame.)
Or is there a better way to accomplish this? I could stretch to a bit of JavaScript if pushed...
Thanks,
Stewart.
You'll need to display the external websites in an iframe, with a link at the top (outside of the iframe) back to your site. Note that some sites employ "iframe busters" which will get rid of your iframe.
The best option is to open in a new tab - it's how people expect the web to work.

Categories

Resources