W3C home > Mailing lists > Public > www-html@w3.org > September 2000

Forcing a page out of a frame

From: Sheila Thomson <sheilat@madasafish.com>
Date: Sat, 9 Sep 2000 15:00:32 +0100
Message-ID: <00d001c01a66$525d3380$88ae26d4@oemcomputer>
To: <www-html@w3c.org>
Tom Dunn wrote:

> I have some content on an SSL encrypted HTTPS server which can be
sensitive.
> When other sites link to it, I would like to make sure they are in a top
> level page (i.e.: Not in a frame of pages with possible javascript from
some
> other site).
>
> I obviously cannot change pages on other people's sites to include a
> TARGET="_top" on every link to my SSL site.  Is there a way to tell
browsers
> to display the page returned in a top level page?  I cannot find an HTTP
> header I can add to do this at the WWW server level, so I'm hoping I can
do
> it at the HTML/CSS level.

I think that the following javascript should work for IE4+, Netscape3+ and
Opera 3.5+:

if(top.location!=self.location) {top.location=self.location}

It comes from Javascript for the World Wide Web by Tom Negrino & Dori Smith,
published by Peachpit Press (ISBN 0201354632).

Sheila Thomson
Received on Saturday, 9 September 2000 10:00:46 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 March 2012 18:15:44 GMT