I have a rapidshare link maker and it has been abused by those idiots who has nothing to do than stealing my bandwidth. They link and put my site into iframe and load it on their site. Is there a way for me to block any attempt of framing my site or linking to any of my page? and for the query, can I only allowed query originating from my site? thanks.
yea check to ensure the page being loaded is the top frame. Example 1 - makes your page the top page, effectively redirecting users from the framed page to your webpage being framed: <script language="Javascript"> <!-- if (top.location != self.location) { top.location = self.location.href } //--> </script> Code (markup): Example 2 - redirects user to your website main index: <script language="Javascript"> <!-- if (top.location != self.location) { location.replace("http://yourwebsite.com/"); } //--> </script> Code (markup): example 3 - a nasty javascript loop effectively killing the client so they have to end the process via task manager. A good way to get back at those stealing your resources/content by pissing off their visitors. <script language="Javascript"> <!-- while (top.location != self.location) { alert("i am a crappy webmaster who has to steal others content to make a website."); } //--> </script> Code (markup):
I use this: <script language="Javascript"> <!-- while (top.location != self.location) { alert("i am a crappy webmaster who has to steal others content to make a website."); } //--> </script> Code (markup): But still, other site (eg: http://rapidleech.info/rapidshare-gen-rsmaker/) is showing my site in frame. I do not want this and want to block them. How can I do that?
the webmaster has a ton of resource intensive javascript going on in that page causing the while() loop to throw up an resource error and not working right. I would suggest you use the first or the second option. The first is probably best because they will simply be redirected to your page replacing the TOP frame, increasing your hits and allowing the visitors to view your advertisements. and place it as the first markup under the <HEAD> tag
since javascript is excuted by the client you need a serverside check. Try to block the other site testing the HTTP_REFERER variable
I tried all 3 options and still can see my site being iframed. Anyone can suggest me a code to put on my site?
i dont see a change in your source code at all. it has the same script and it hasnt been moved to the first line under the <HEAD> tag
I have taken measure to install another script on my site. I'll try to use the code again to block others from stealing from me. Thank you for those who helped. @Bind, the reason you didn't saw the code was because I removed them as they are not working.
this should not be solved clientside in javascript. i can quickly&easily implement a serverside proof check into your script. pm me if you need this done.
what if i need to break the (i)frame depending on the calling site? for example i have a few domains i want to url-forward to my site using an iframe, and i only want to allow these sites to view my site via iframe, but not others. how do i get top.location.href from the calling site? hope there's a way around it since when i try to get top.location.href i get 'permission denied'.