javascript - How do I counter iframe security problems? -


i heard there many security issues arise when use iframes. handle xss, else should make sure no problems happen?

i came across js codes use top.window, concern client-side code not reliable, else can server side? (i using php, awesome if solution generic)

update: make things clearer, using iframe, because don't want headers, menues etc.. refreshed every time. trying find way use iframe without falling security problems.

you set x-frame-options header deny. let browsers know if resource loaded via iframe don't display.

you can read more & configuring server send header @ mdn. also, in php can use

header("x-frame-options: deny")

Comments

Post a Comment

Popular posts from this blog

JQuery Autocomplete without using label, value, id -

is possible have jquery autocomplete work without using conventional id,label,value? for instance, not wish use: [ { "id": "botaurus stellaris", "label": "great bittern", "value": "great bittern" }, { "id": "asio flammeus", "label": "short-eared owl", "value": "short-eared owl" }] but rather: [ { "my_id": "botaurus stellaris", "first_name": "great bittern", "last_name": "great bittern" }, { "my_id": "asio flammeus", "first_name": "short-eared owl", "last_name": "short-eared owl" }] so like, jquery autocomplete takes id,value,label , can make take my_id, first_name, last_name , make jquery autocomplete treat same id,label,value ? this might useful, when don't wish modify data's keys coming datasource, display on jquery autocomplete. ...
Read more

c++ - Accessing inactive union member and undefined behavior? -

i under impression accessing union member other last 1 set ub, can't seem find solid reference (other answers claiming it's ub without support standard). so, undefined behavior? the confusion c explicitly permits type-punning through union, whereas c++ ( c++11 ) has no such permission. c11 6.5.2.3 structure , union members 95) if member used read contents of union object not same member last used store value in object, appropriate part of object representation of value reinterpreted object representation in new type described in 6.2.6 (a process called ‘‘type punning’’). might trap representation. the situation c++: c++11 9.5 unions [class.union] in union, @ 1 of non-static data members can active @ time, is, value of @ 1 of non-static data members can stored in union @ time. c++ later has language permitting use of unions containing struct s common initial sequences; doesn't permit type-punning. to determine whether union type-punning is allowe...
Read more

JAVA - what is the difference between void and boolean methods? -

i new java. writing wrapper-library in java make functions available in basic-like language. i got stock @ point when noted code not executed in java-library although compiler did not complain (using eclipse). resolved replacing code follows: public void videoquality(int vquality) //did not work into public boolean videoquality(int vquality) //works here complete code-snippets: public void videoquality(int vquality) //did not work {if (vquality==16) { vidquality=16; } else if (vquality==-16) { vidquality=-16; } else if (vquality==0) { vidquality=0; } else vidquality=-16; vitamioext.setvideoquality(vidquality); } public boolean videoquality(int vquality) //works {if (vquality==16) { vidquality=16; } else if (vquality==-16) { vidquality=-16; } else if (vquality==0) { vidquality=0; } else vidquality=-16; vitamioext.setvideoquality(vidquality); return true; } i think void corresponds sub in visual basic while boolean corresponds function. i found odd following code worked using...
Read more