Code to prevent web pages from being embedded in frames
Recently, another kind of hooliganism has become popular in China: using a frame to embed your web page in its web page.
For example, there is a website that claims to be a “Word of Mouth Aggregation Portal”, providing the best content of various online forums across the country. But, in fact, it uses frames to grab other people’s web pages, and then adds your own ads and site logos on it. How is this different from pirated booksellers? !
Visitors who don’t know the inside information only see the URL of the portal in the address bar, and don’t know the actual content of the webpage, in fact, it comes from another website.
Why am I opposed to this approach?
1) It deliberately blocked the URL embedded in the webpage, infringing the original author’s copyright and the visitor’s right to know;
2) A large number of operators use invisible frames, which makes the framed webpage and the embedded webpage visually identical, which is extremely deceptive;
3) Unscrupulous operators add advertisements (even viruses and Trojan horses) on or around the embedded web pages, which not only destroys the original author’s design intent and image, but also constitutes an act of infringement and profit using other people’s resources;
4) If the visitor clicks from one webpage to another within the frame, the address bar of the browser is unchanged, which is a very poor user experience, and the visitor will blame this experience on the author of the original webpage .
If it is really necessary to embed other people’s web pages in your own frame, then the following three conditions should be met at the same time:
A. In the prominent position of the framed webpage, clearly indicate that the webpage uses frame technology, and clearly list the URL of the original webpage.
B. Provide visitors with the function of “remove the frame” in the prominent position of the framed webpage.
C. Do not attach any advertisements or malicious code.
If you often use Google’s image search , you will know that Google does this.
Of course, the rogue industry will not ignore your legitimate demands. So, I wrote a very simple javascript code, as long as you put it into the head of the webpage source code, those rascals will have no way to use your webpage.
<script type=”text/javascript”>
if (window!=top) // Determine whether the current window object is a top object
top.location.href =window.location.href; // If not, the URL of the top object is automatically directed to the URL of the embedded webpage
</script>
UPDATE
2010.8.15
Release the upgraded version of the code , so that except for the local domain name, all other domain names cannot embed your webpage into the frame.
(over)