how to block website from loading in iframe?
Recently i tried to load youtube website in an iframe, but i checked that it's not worked. i used this simple code.
<!DOCTYPE html>
<html>
<head>
<title></title>
</head>
<body>
<iframe width="1000px" height="700px" src="http://www.youtube.com" ></iframe>
</body>
</html>
i want to know , why my webpage can't load youtube website in iframe..
what code i use to load the youtube website in my webpage.
how i use same techniq in my website, so no one can add my website in iframe.
This answer was written in 2013 and documents a DEPRECATED header. See other answers for a modern equivalent.
For browsers of 2013, a X-Frame-Options HTTP header needs to be used. It can be implemented through web server configuration settings.
You can view the X-Frame-Options in Header as in the image below,
Reference: https://www.keycdn.com/blog/x-frame-options/
If your browser does not support it, then you will have NO clickjacking defense in place and can use HTTP Header Field X-Frame-Options,
<meta http-equiv="X-Frame-Options" content="deny">
There are three possible values for X-Frame-Options:
DENY - The page cannot be displayed in a frame, regardless of the site attempting to do so.
SAMEORIGIN - The page can only be displayed in a frame on the same origin as the page itself.
ALLOW-FROM uri - The page can only be displayed in a frame on the specified origin.
- Clear clipboard to prohibit unauthorised copying, insert message?
- Supplying a reason for AbortController?
- Can you render a html file into a container?
- Using performance.mark() with Chrome dev tools performance tab
- How to save javascript array as redis list
- Find out whether Chrome console is open
- How to wait for requests and validate responses using playwright?
- Show Bootstrap Alert on Button Click via Javascript / jQuery
- How to post a file from a form with Axios
- Why doesn't Javascript handle divide by zero error in a try catch
- how can I add menu button in telegram bot
- Debounce in ReactJS
- Javascript question mark operator, multiple question marks
- Could not find a declaration file for module '@hookform/resolvers/zod'
- Stripe CLI trigger subscription failed event for a specifc customer
- Steps to send a https request to a rest service in Node js
- react jest confirming snapshot change
- Getting a list of all countries to using npm countries-list
- How do you limit the number of options selected in an HTML <select> element?
- Different sorting
- add an event listener on an element I've created in javascript
- Web Component not rendering when loaded from UNPKG CDN?
- Uncaught TypeError: Failed to resolve module specifier "react-router-dom". Relative references must start with either "/", "./", or "../"
- Javascript Date - set just the date, ignoring time?
- Form validate() method is not working with Vue 3 and Vuetify 3
- Running V8 Javascript Engine Standalone
- PHP - Extract frame during Video upload
- Can a PWA app be published to app store and play store
- How to check if a caught exception was thrown because of triggering an AbortController?
- Apollo Client: retrieving the results from a query with errors