[ic] Allowing a particular domain access to content
peter at pajamian.dhs.org
Mon May 24 20:04:24 UTC 2010
On 25/05/10 03:15, Rene wrote:
> On 24.05.2010 17:05, Paul Jordan wrote:
>> Site1 is displaying content through an iframe. I checked and the only
>> IP's that are in [env] are the visitor, and Site2, Site1 is only
>> mentioned in the referrer. Since the iframe is really called from the
>> visitors browser I guess there is really not much I can do.
>> Is there anything I can suggest to these people that would make it more
>> plausible to achieve this type of security?
> Hi Paul!
> What you need is a framekiller. There is plenty of different ideas out
> there, but here i found a nice place you can start from:
> Of course this requires that the user has JS enabled, but the chance the
> would not is quite small..
Nope, he wants the reverse ... to reliably make sure that the page is
displayed inside a frame from a specific URL.
More information about the interchange-users