想了解iframe突破代码 [英] Want to understand iframe breakout code

问题描述

将这个脚本代码(如下)放置在head标签之间后，我被告知这将不允许页面加载到iframe中.

With this script code (below) placed in between the head tags, I am told that this will not allow the page to load in an iframe.

如果这是正确的，那么是否有需要用我的自定义URL或此代码中的类似内容替换的内容(例如，top.location应该为top.myurl)?

If this is correct, is there anything that needs to be replaced with my custom URL or similar in this code (e.g., top.location should be top.myurl)?

还是您将其保留不变，然后将其粘贴到页面的顶部?我试图了解其工作原理.

Or do you leave it as it is, and just paste it in the head of the page? I'm trying to understand how this works.

if (top.location!= self.location) {
  top.location = self.location.href
}

推荐答案

如果将代码放在iframe内部引用的HTML中，则此代码将起作用.它的工作方式是查看top(您请求的包含iframe的页面)和self iframe内部的页面.如果存在差异，则会更改top.location以匹配iframe的URL.

This code will work if it is placed in the HTML that is referenced inside an iframe. The way it works is it looks at top (the page you requested that includes an iframe) and self the page inside the iframe. If there are different then it changes the top.location to match the URL of the iframe.

这里有一些ASCII可以帮助理解这一点

Here is some ASCII to help understand this

|----[OuterPage.html]------|
|                          |
|    |--[InnerPage.html]-| |
|    |                   | |
|    | top !== self      | |
|    |                   | |
|    |-------------------| |
|                          |
| top === self             |
|                          |
|--------------------------|

如果您单独请求InnerPage.html(不在iframe中)，则top === self的计算结果为true，但是，如果在iframe中请求相同的页面，则相同的条件结果为false.

If you request InnerPage.html by itself (not in an iframe) then top === self will evaluate to true, however if you request the same page inside an iframe then the same condition will evaluate as false.

这篇关于想了解iframe突破代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！