javascript on twitter to prevent embedding the html page.
Posted
by Reginald
on Stack Overflow
See other posts from Stack Overflow
or by Reginald
Published on 2010-03-30T16:42:56Z
Indexed on
2010/03/30
16:53 UTC
Read the original article
Hit count: 292
JavaScript
|security
This is the javascript that you can find in www.twitter.com (just click to see the source code) I have just reformatted it for clarity:
if (window.top !== window.self) {
document.write = "";
window.top.location = window.self.location;
setTimeout(function() {
document.body.innerHTML = '';
}, 1);
window.self.onload = function(evt) {
document.body.innerHTML = '';
};
}
now I understand this trick is to prevent other sites to wrap twitter in other iframes. but what I want to ask is do we really need all of this code ? what's the need of setting a function to execute in 1 millisecond, one to execute at 'onload' and one now.
is that paranoia or is it really worth ?
Many THanks in advance Reg
© Stack Overflow or respective owner