homepage Welcome to WebmasterWorld Guest from 54.145.191.14
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

    
Frame Depreciation
Is this syntax invalid now?
Revata

5+ Year Member



 
Msg#: 4188454 posted 2:03 am on Aug 18, 2010 (gmt 0)

I know frames are the bain of web existence but I have a friend with a frame built site that quit working for him recently. Long story short, his pages that are supposed to load inside the main content frame aren't working. One such header looks like this:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
"http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<link rel="shortcut icon" href="http://www.example.com/favicon.ico" />
<title>Example &ndash; Media</title>
<script type='text/javascript'>
<!--
if(self.location==top.location) top.location.replace('http://www.example.com/index.php?frame=' + self.location) ;
-->
</script>
<meta name="keywords" content="" />
<meta name="description" content="" />
</head>

It seems like pretty simple js, landing on this page should load it into the frame on the index page no? I'm having a hard time getting that to load itself into the frame.

I have nav links on the index page that target="content" (content being the frame name) and they work fine. Thanks in advance!

--apologies for frames--

 

londrum

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4188454 posted 8:13 am on Aug 18, 2010 (gmt 0)

on a side note... that doesnt seem very secure to me. people could load their own page into your iframe.

what happens if they visit the following URL:

http://www.example.com/index.php?frame=http://www.spamsite.com

if they fill their page with links to their site, they will have a bona fide URL on your site with a load of backlinks pointing straight to them. it wouldn't be a problem getting it indexed. all they would have to do is link to it from somewhere else.

Revata

5+ Year Member



 
Msg#: 4188454 posted 8:19 am on Aug 20, 2010 (gmt 0)

Good point, any suggestions for where to start in making it more secure?

rainborick

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4188454 posted 3:17 pm on Aug 20, 2010 (gmt 0)

You could start by having index.php verify that the URL to be loaded into the <frameset> resides within the parent domain.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved