www.webdeveloper.com
Results 1 to 3 of 3

Thread: #2 - disable java-script iframes (hardcore)

Hybrid View

  1. #1
    Join Date
    Mar 2012
    Posts
    2

    Exclamation #2 - disable java-script iframes (hardcore)

    I have a page with iframe always redirect to url owner!

    iframe is as follows:
    <iframe src="http://torpedo.oiloja.com.br/oitorpedo/EnviaSMSController" name="sidebarfram" frameborder="0" marginheight="0" marginwidth="0" scrolling="no" width="320 "height="530" id="sidebarfram2"></ iframe>

    if someone likes challenges, will like this

    very difficult

  2. #2
    Join Date
    Dec 2002
    Location
    St. Louis, MO, USA
    Posts
    1,582
    If I understand correctly, you have a page that contains an iFrame that displays content from another website, but when the page loads the whole page redirects to that site??

    If this is the case, the owner of the site has implemented a "frame-buster" script that detects whether or not the content is "top document"; if it isn't, then it redirects the whole page to just that content. AFAIK, there is no work-around for that. Someone else might have an idea.

    If this is not the case, please clarify your question.
    |||||
    o . Q
    ___ "You live and you learn; or you don't live long." - Lazarus Long

    ^_^

  3. #3
    Join Date
    Mar 2012
    Posts
    2

    Reply,#2 - disable java-script iframes (hardcore)

    Yes WolfShade!!
    is a "frame-buster" case, but this example never saw before!
    I tried all!
    php file_get_content; iframe of iframe; anti-frame-buster; but does not work!

    i think with other guys studying, it is more easy to resolve.

    the techinique used is hard to break.

    look my php example:

    <?php $page = file_get_contents('iframe com src="http://torpedo.oiloja.com.br/oitorpedo/EnviaSMSController"');// use CURL if possible, this is not a good piece of code

    echo strip_javascript($page, 0);// 0 = allow no javascript

    function strip_javascript($filter, $allowed=0){
    if($allowed&1 == 0) // 1 href=...
    $filter = preg_replace('/href=([\'"]).*?javascript:.*?\\1/i', "'", $filter);

    if($allowed&2 == 0) // 2 <script....
    $filter = preg_replace("/<script.*?>.*?<\/script>/i", "", $filter);

    if($allowed&4 == 0) // 4 <tag on.... ---- useful for onlick or onload
    $filter = preg_replace("/<(.*)?\son.+?=\s*?(['\"]).*?\\2/i", "<$1", $filter);
    return $filter;
    }?>

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles