javascript - Anti-Clickjacking Code Causes Page to Continually Refresh -
i have wordpress site , have following code designed prevent clickjacking:
<script type="text/javascript"> if (self === top) { var anticlickjack = document.getelementbyid("anticlickjack"); anticlickjack.parentnode.removechild(anticlickjack); } else { top.location = self.location; } </script>
however, code cause 1 of admin pages refresh. page in customize section of the theme i'm building. happening because preview displayed in iframe.
what can prevent clickjacking on legacy browsers, while fix issue of page reloading constantly? ideally, able modify javascript somehow.
<script type="text/javascript"> if (self === top || self.location === 'yourpreviewpage') { var anticlickjack = document.getelementbyid("anticlickjack"); anticlickjack.parentnode.removechild(anticlickjack); } else { top.location = self.location; } </script>
you can bypass pages (specially preview page in case) framing using similar code above. other options anticlickjacking use response headers -
Comments
Post a Comment