1

I would like to open sites in an iframe but some show up blank. I want to either hack around it somehow or detect if the iframe is blocked and then redirect to another page on my site.

If I put a URL to Google into an iframe it would work but some websites do something in the code to not allow you to open their site in an iframe on your own website.

neo
  • 121
  • 2
  • 3
  • 13
  • 1
    What do you mean a site is blocking your iframe? You need to give more details, as simply loading an iframe shouldn't be an issue unless you're trying to manipulate or glean data from it – Parker Aug 14 '15 at 22:01
  • Putting their site in an iframe on my site – neo Aug 15 '15 at 23:22

1 Answers1

4

David Chen pointed out that my previous answer was false do to cross domain access, which was very true.

A solution that is on the web at the moment is to download the websites header and assess to see if the Iframe will be blocked.

A website which performs this is

http://www.tinywebgallery.com/blog/advanced-iframe/free-iframe-checker

if you download the website headers and it contains X-Frame-Options for example

'X-Frame-Options => SAMEORIGIN'

Then this could help you determine if an Iframe will load.

docs on x-frame-Option found here - https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options

Joshua Duxbury
  • 4,892
  • 4
  • 32
  • 51
  • 1
    `you can access the html of the site from within the frame with javascript` not true for websites that don't have CORs enabled. – Dave Chen Aug 15 '15 at 23:39
  • Thanks guys! I appreciate the answer. It will help me out a lot. – neo Aug 17 '15 at 00:00
  • Can someone's x frame options header value be changed by another website? – neo Sep 01 '15 at 19:18
  • You can ask Firefox to ignore `X-Frame-Options` with [the extension "Ignore X-Frame-Options Header"](https://addons.mozilla.org/en-US/firefox/addon/ignore-x-frame-options-header/) – roneo.org Oct 28 '21 at 22:21