Thursday, July 12, 2007

How to Stop a Framebreaker Script

OK, let's say you found a page and, being the good Netizen you are, you want to share the page with the audience of YOUR web site.

Like any good webmaster, you dutifully employ an iframe, with the source being the URL of the page you want to share. Alas, when you load your page, the screen refreshes and you're taken away from your site to the page you're trying to load into the iframe.

You've just been framebusted.

Framebreaker scripts are very common. Webmasters employ them to keep OTHER webmasters from re-presenting their content in another site. But for every action, there's an equal and opposite reaction.

The next time you want to load remote content into an iframe on your site, try:
<iframe src="" security="restricted"></iframe>
The SECURITY attribute in IE allows you to open a third-party page as though it was within the high-security restricted sites level as defined within IE. This means no Javascript and that means framebuster scripts won't work.

The attribute doesn't work in non-IE browsers however. Javascript framebusters function correctly in those browsers.


Anonymous said...

wow if this is true and actually works, I mean it solves a problem that I've been having. Hooray!

Anonymous said...

Why are you trying to frame sites that don't belong to you anyway?

Anonymous said...

Or, you could link directly to the website instead of going against the wishes of the creator of that website. If people like your site, they'll come back to it.

Yusman said...

oke nih..

Sipylus said...

Does that mean good and bad publishers can now IFRAME Twitter? I doubt that but maybe other less secured sites.

Anonymous said...

It works but only for the first page referenced in the URL. If you click a link on the remote site and that page also has framebuster code in it, the new page will open in a new window.