Technology

Add an Iframe Breaker to Your Site

My good friend Kevin Mullett informed me when he clicked on one of my links in Twitter, he was brought to my site with a big popup and a malicious code warning. That’s enough to scare the heck out of someone, so I started doing some testing. It winds up there was nothing actually wrong with my site – the problem was the link.

The link on another site produced a toolbar up top that encouraged people to click on a malicious link, while loading my site in an iframe underneath. To most folks, it could have the appearance that my site was spreading malicious code. To be honest, I absolutely despise any site that loads my site within an iframe, so I did what any reasonable geek would do… I loaded up a frame breaker.

The code is quite simple. Place the following line of code in the head section of your page:

<script type='text/javascript'>if (top !== self) top.location.href = self.location.href;</script>

When the page loads with the toolbar frame, the Javascript executes and if your page isn’t taking up the entire browser, it literally redirects the page to become the page in the browser. Nice and easy – and no more risk of being caught in some malicious toolbar!

Leave a Reply