Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

unatuhorised embed of my site 1

Status
Not open for further replies.
pease

pease

Programmer
Apr 2, 2009
29
GB
Hi,

One of the sites I run has been embedded into a third party via an iframe. I have tried contacting the party on a number of occasions but had no joy in getting it removed.

This is now harming our sites reputation and business, is there any way to deny the data if its being used in an iframe or on another site?

I cant however stop hotlinking as we have a number of images legally hotlinked on other sites.

Ive tried adding the IP address and domain name of the offending site to my IP Deny list but that doesnt seem to work.

Any help would be appreciated.

Peter
 
Sort by date Sort by votes
Hi

Peter said:
Ive tried adding the IP address and domain name of the offending site to my IP Deny list but that doesnt seem to work.
Click to expand...
I guess you are trying to ban based on [tt]REMOTE_ADDR[/tt], but what you want should be done based on [tt]REFERER[/tt]. But this way you would ban legitimate visitors too.

I suggest to use a JavaScript code like this on every page :
Code: 
if (top!=self) top.location=self.location

Feherke.
 
Upvote 0 Downvote
Thank you, thats exactly the sort of thing I was thinking of.
 
Upvote 0 Downvote
Unfortunately, all the site in question has to do is override 'location' with a dummy function or variable in their page, and it would negate that trick :-(

Are you sure you got the right IP address? I would have thought that the best way...

Dan



Coedit Limited - Delivering standards compliant, accessible web solutions

Dan's Page [blue]@[/blue] Code Couch:
Code Couch Tech Snippets & Info:
 
Upvote 0 Downvote
Hi

Dan said:
Unfortunately, all the site in question has to do is override 'location' with a dummy function or variable in their page, and it would negate that trick
Click to expand...
That sounds bad. I tried to reproduce it, but no success. If you have a demo for this, could you pleas post it ? Thank you.

Feherke.
 
Upvote 0 Downvote
It looks like since I last tried it (admittedly this was at least 6 years ago) all major browsers have fixed that workaround.

So it looks like frame breaking is no problem any more (you can't even use JS setters to nobble 'location').

Dan







Coedit Limited - Delivering standards compliant, accessible web solutions

Dan's Page [blue]@[/blue] Code Couch:
Code Couch Tech Snippets & Info:
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cae154
  • Locked
  • Question
Body of email not appearing in correct font on iPhone and iPad
Replies
1
Views
757
spamjim
spamjim
pendle666
  • Locked
  • Question
new website renders fine in IE/Edge but not in Chrome - test site was fine
Replies
2
Views
168
pendle666
pendle666
JScannell
  • Locked
  • Question
Testing embeddedc video files
Replies
2
Views
183
JScannell
JScannell
CoolBreeze007
  • Locked
  • Question
Unable to make HTML element adjust with the resizing of the browser
Replies
0
Views
128
CoolBreeze007
CoolBreeze007
pendle666
  • Locked
  • Question
Inserting same line of text of every web page - "link" insert? 1
Replies
6
Views
214
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top