Breaking out of frames

Prevent your website from displaying within another site’s frames.

Some websites link to external web pages but keep them trapped within a frame.

Such a technique can be used to continue serving advertisements to an audience that has left a website, to monitor the activity of those people, or otherwise try and claim ownership of content by masking the true URL. Most internet users find this practice annoying.

Additionally, most webmasters resent having their web pages served within someone-else’s frames. Examples of websites that employ this practice are paper.li, about.com and Google Images.

If you run a website and want to make sure that your content can’t be served within someone-else’s frame, you can use this simple piece of JavaScript within your site’s <head> tags:

Whenever someone tries to access your page from within a frame, the page will automatically reload without the frame so that your website (rightly) occupies the entire browser window.

I find that the easiest way to deploy such a script is to create a file called noframes.js and insert the following:

if (top.location != location) { top.location.href = location.href; }

Then that file can be linked-to in the <head> as follows.

If you want to confirm that your code is working, the TrafficHoopla Frame Breaker Test is excellent.

Note that this remedy won’t work for the small number of people who have JavaScript disabled.

Have Your Say

Δ