prevent iframe redirect

**dolittle** · 30 Aug 2008 7:19 AM

Hi,

I have a website inside an iframe.
Both the website and the iframe are at the same domain but I'm not allow to modify the website code. I have full control over the top frame code.

When the inner page is inside an iframe it uses a code to load the page without the iframe:

Code:

if (top != self) { top.location.replace('http://example.com'); }

Is there a way to prevent this without modifying the inner page code?

Can I somehow overwrite the top.location.replace function?
I've tried:

Code:

top.location.replace = new Function("x", "return false");

and I also tried:

Code:

top.location.replace = function(nUrl) {
	return false;
}

Both doesn't work.

Thanks

**hendricd** · 30 Aug 2008 7:32 AM

Tried setting

Code:

frame.window.top = frame.window.self;

after its loaded?

**dolittle** · 30 Aug 2008 11:08 AM

Tried setting frame.window.top = frame.window.self;
after its loaded?

Should I put it in the top frame or in the inner iframe?
I don't have access to the inner iframe code only the top frame.

Is it possible to overwrite internal javascript function like location.replace()?

**hendricd** · 30 Aug 2008 11:27 AM

@dolittle -- If:

1) you are using ManagedIframePanel
2) the "if (top != self) { top.location.replace('http://example.com'); }" is executed during/after onload event.

you could try:

Code:

new Ext.ux.ManagedIframePanel({
   defaultSrc : 'yourLocalPage.html',
   listeners: {
      domready : function(frame){
          var w;
          if(w = frame.getWindow()){
             w.top = w.self;
          }
     }
  },....
});

Is it possible to overwrite internal javascript function like location.replace()?

That, is likely NOT allowed.

**dolittle** · 30 Aug 2008 11:43 AM

Unfournatly I can't use ManagedIframePanel because of its GPL license and because the code has to be small.

Thanks anyway.

**hendricd** · 30 Aug 2008 11:45 AM

Originally Posted by dolittle

Unfournatly I can't use ManagedIframePanel because of its GPL license and because the code has to be small.

Thanks anyway.

=< 1.2 is still LGPL. 2.0+ will not be.

**dolittle** · 30 Aug 2008 2:39 PM

I've created a simple test.
I put the following code in the header of the inner iframe and it works on in FF and not in IE7:

Code:

window.top = window.self;

IE7 bug says:

Code:

Error: Not implemented
Code: 0

I tried to create the iframe using your code with ManagedIframePanel and the domready event:

Code:

Ext.onReady(function(){	
	new Ext.ux.ManagedIframePanel({
		renderTo: 'iframeWrap',
		defaultSrc : 'iframe.html',
		listeners: {
			domready : function(frame){
				var w;
				if(w = frame.getWindow()){
					w.top = w.self;
				}
			}
		}
	});
});

In the iframe.html body I put:

Code:

if (top != self) { top.location.replace('http://localhost/test/iframe.html'); }

But it still redirects.

Another issue is that all the pages of the website have the redirect code but I'll be able to attach the event only to the first page.

**hendricd** · 30 Aug 2008 3:34 PM

@dolittle -- I'd say you have too many constraints imposed upon you (and from your own domain, boo) .

Where/when in the embedded page(s) are they asserting top != self?

**dolittle** · 30 Aug 2008 4:26 PM

It turns out that I can inject javascript code before the frame breaker but can't take it out.
Can I change the innerHtml of the script using another script that is being executed before?

The script with the top!=self is placed at the bottom of the body part of the iframe:

Code:

<body>
     some html
     ...
     ...
     <script type="text/javascript">
         if (top != self) { top.location.replace('http://best999.ning.com'); }
    </script>
</body>

I know it sound strange but I need to put a CMS inside an iframe, both on the same server but I'm not allowed to change the code of the CMS.

**dolittle** · 3 Sep 2008 5:56 AM

@cwhsjb
I don't understand what you are saying.

prevent iframe redirect

Thread Tools

Search Thread

Display

prevent iframe redirect

prevent iframe redirect