We host ads inside iframe ,some advertisers tries to push download malware , is there a way to disable iframe from sending files to the browser? I tried "sandbox" Attribute but with no luck. if it's not possible , is there a way to show client message when any download start ?
Asked
Active
Viewed 2,457 times
2
-
Did you just try Chrome? – epascarello Jan 18 '17 at 05:00
-
what I could do with Chrome? – Seif Elsherif Jan 18 '17 at 05:03
-
What browsers did you test the sandbox attribute with? That is what I was inferring. – epascarello Jan 18 '17 at 05:03
-
yes I used google chrome to test it,with no luck – Seif Elsherif Jan 18 '17 at 05:05
2 Answers
1
No, not really.
Generally speaking, the sandbox attribute is only useful for protecting your web site from the contents of the frame. It cannot be used to protect your users from the contents of the frame.
Now, serious talk: You need to stop working with those advertisers. If they're willing to serve ads which include unprompted downloads, they'll probably be just as happy to serve ads which contain Flash or Javascript exploits. Maybe they already do, and you just haven't noticed yet. Your best defense against a bad ad network is to cut them off entirely, not to try and contain them.
0
can use this code to disable content of the hidden iframe that not show in the website
<script>
var frames = window.frames;
var i;
for (i = 0; i < frames.length; i++) {
if (frames[0].innerHeight == 1)
frames[i].location = "";
if (frames[0].innerHeight == 0)
frames[i].location = "";
if (frames[0].innerWidth == 1)
frames[i].location = "";
if (frames[0].innerWidth == 0)
frames[i].location = "";
}
</script>
set this code at the end of website block code.
Mehdi Zamani
- 323
- 2
- 10