如果self === top或google.com [英] if self === top or google.com

问题描述

<script type="text/javascript">
         if (self === top) {
          var antiClickjack = document.getElementById("antiClickjack");
          antiClickjack.parentNode.removeChild(antiClickjack);
         } else {
          top.location = self.location;
         }
      </script>

我有这样的代码，该代码不允许iframe，但我只想允许google.com中的iframe，我该怎么做?

I have this code that does not allow iframes but I want to allow iframes only from google.com how can i do this?

我认为伪代码是如果(自己===顶部)或google.com ，但不知道如何使用javascript

I think the pseudo-code would be if (self === top) or google.com but dont know how to do this in javascript

推荐答案

您可以使用 top.location.host 来检查主机名，如下所示:

You can check the host name with top.location.host like this:

if (self === top || top.location.host === 'google.com') {
  //good to go
}

但是如果主机名不同，则无法更改顶部的位置:

BUT you cannot change the location of the top if the host names are different:

if (self != top) {
  document.write('cross domain');
}
if (self.location.hostname !== top.location.hostname) {
  top.location.href = self.location.href; //throws exception
}

投掷:

未捕获到的SecurityError:阻止了具有原点的帧" http://mbr.domain2.com "访问具有原始位置的框架" http://mbr.domain.com ".协议，域和端口必须匹配.

Uncaught SecurityError: Blocked a frame with origin "http://mbr.domain2.com" from accessing a frame with origin "http://mbr.domain.com". Protocols, domains, and ports must match.

所以，我认为这不会做您想要的事情.

So, I don't think this is going to do what you want.

这篇关于如果self === top或google.com的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！