- From: Sheila Thomson <sheilat@madasafish.com>
- Date: Sat, 9 Sep 2000 15:00:32 +0100
- To: <www-html@w3c.org>
Tom Dunn wrote:
> I have some content on an SSL encrypted HTTPS server which can be
sensitive.
> When other sites link to it, I would like to make sure they are in a top
> level page (i.e.: Not in a frame of pages with possible javascript from
some
> other site).
>
> I obviously cannot change pages on other people's sites to include a
> TARGET="_top" on every link to my SSL site. Is there a way to tell
browsers
> to display the page returned in a top level page? I cannot find an HTTP
> header I can add to do this at the WWW server level, so I'm hoping I can
do
> it at the HTML/CSS level.
I think that the following javascript should work for IE4+, Netscape3+ and
Opera 3.5+:
if(top.location!=self.location) {top.location=self.location}
It comes from Javascript for the World Wide Web by Tom Negrino & Dori Smith,
published by Peachpit Press (ISBN 0201354632).
Sheila Thomson
Received on Saturday, 9 September 2000 10:00:46 UTC