How to check if website is loadable in iframe

About

Asked 12/5, 2014 at 6:59 Answered 12/5, 2014 at 7:7

I need to check, if website in iframe is loaded properly. On my website, users can POST custom website, which will show them in iframe. But some websites are protected from insert to iframe (such as google or facebook).

How can I check, if is website loadable in iframe and can be used in iframe?

PS: I haven't show any code, because I have no code and no idea how to do it. (My website runs on Java, so no Apache or PHP).

Trstram answered 12/5, 2014 at 6:59 Comment(3)

See this: https://mcmap.net/q/244899/-detect-x-frame-options – Disclosure 12/5, 2014 at 7:23

possible duplicate of Detect X-Frame-Options – Autobahn 12/5, 2014 at 8:50

BTW, how can you flag this as duplicate, when I am not running on PHP? – Sulphur 20/5, 2014 at 8:37

Check HTTP response header for X-Frame-Options. Facebook sends X-Frame-Options=DENY, which means "The page cannot be displayed in a frame, regardless of the site attempting to do so."

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

Check this: Accessing the web page's HTTP Headers in JavaScript

Dissimilarity answered 12/5, 2014 at 7:7 Comment(7)

No. You need to check the Headers the website sends you. You can use get_headers. Or do you want javascript? #220731 – Innocency 12/5, 2014 at 7:20

Sorry, I forgot to say, that my website runs on Java. I have no Apache or PHP. – Sulphur 12/5, 2014 at 7:22

+1. This is a perfectly fit answer to the question. Why the downvote? In fact it is the question which is unclear. – Disclosure 12/5, 2014 at 7:23

mkyong.com/java/how-to-get-http-response-header-in-java for Java, or the stackoverflow answer I linked above if you want to do this dynamically in js. – Innocency 12/5, 2014 at 7:23

There's also JS, which is much simpler, that can undo iframes: if ( location.href != parent.location.href ) { parent.location.href = location.href; } How do you check for that? – Haifa 12/5, 2014 at 7:27

@abhitalks I didn't downvote... Thanks guys, I will try all possibilities. – Sulphur 12/5, 2014 at 7:30

This generally wouldn't work in JavaScript, which is what I think the questioner is actually asking about because the request would probably be denied due to Access Control Allow Origin restrictions. I'm not sure there is a good answer to this question. But this one definitely isn't one. – Bigford 12/5, 2014 at 7:31

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags