Not Sure Why Apache Server Automatically Put A Site In Frame - html

Is there a configuration somewhere in Apache server that causes all pages to be in a Frame? I can't seem to figure it out.
<html>
<head>
<title>Platform</title>
<meta name="keywords" content="Platform">
</head>
<frameset rows="100%,*" border="0">
<frame src="http://someURL" frameborder="0">
<frame frameborder="0" noresize="">
</frameset>
<!-- pageok -->
<!-- 01 -->
<!-- -->
</html>
It essentially takes the meta tag out and use it for parent page and have everything else in the content of the page in the Frame.
Please let me know if you have any idea. I can't reproduced it locally on my laptop so I figured there has to be some configuration that doesn't match, but I have no idea where to even start looking. The same configuration for reverse proxy is used.

Is there a configuration somewhere in Apache server that causes all pages to be in an iFrame?
Not that I've ever heard of.
This sort of framing is typical of sites that have bought a domain name and are using it via Masking instead of using proper DNS hosting.

Related

load https site from a frame

consider this:
<html>
<frameset cols="50%,50%" frameborder=no border=no framespacing=no>
<frame src="http://site1.com">
<frame src="https://site2.com">
</frameset>
</html>
I've saved this file into myCompareFrames.html and trying to open it with google-chrome.
the reason for this was to have two frames next to each other so I can compare some results (instead of having two pages open LOL)
however it only opens the http and NOT https (note: none of the sites are local)
So my questions are:
why can it load a http and not a https?
Is there an easy way of this way?
NOTE:
If no easy way of doing this, I'll be happy with the explanation of why this would happen as I'm so curious but I'm not going to spend hours on silly problem like this.
For a local file
<html>
<frameset cols="50%,50%" frameborder=no border=no framespacing=no>
<frame src="http://spiegel.de">
<frame src="https://www.wikipedia.org">
</frameset>
</html>
Firefox developer edition loaded both pages.
Yet, there were problems when using stackoverflow.com instead of spiegel.de, for example.
So, it might be site-dependent. As a guess, it might be that the https elements, which certainly exist for SO, caused the load to fail, in combination with mixed-content protection (which exists for IE and Chrome, as well). The web console showed no errors.
As for why it is a security problem, see f.ex. https://security.stackexchange.com/questions/38317/specific-risks-of-embedding-an-https-iframe-in-an-http-page

Removing header <frameset> in redirected sites

I am facing an issue with mobile version of my site. The site is hosted on a different domain.
I Tracked down the issue and saw that its being caused by the being wrapped on top of my actual html code.
Here is a snippet:
<html>
<head>
<title>Where are you</title>
<meta name="robots" content="noindex, nofollow">
<meta name="description" content="Let’s your friends and family know about your where about.">
<meta name="keywords" content="Stay connected, Plan meetup, Unreachable friend, Share location, Share photos">
</head>
<frameset rows="100%">
<frameset cols="100%">
<frame src="http://wru.buttur.com" frameborder="0">
#document
</frameset>
</frameset>
</html>
My website is getting loaded inside "#document".
Can i do some configuration on my domain to prevent this from happening.
I know this is old, but I am responding because we had a similar problem where some outside entity managed a website, and we took over after it became broken.
It was a wordpress site and everything was being wrapped inside a frameset. We were baffled by the fact that direct browser requests to hosted javascript files would work fine, but within the page it would become wrapped in frames in the network response.
Even direct jQuery.getScript() calls from external sites would exhibit the scenario. Again, worked fine if typed into browser url bar.
Turns out there's something called DNS frame forwarding.
Here's a topic that covers the scenario:
https://stackoverflow.com/questions/7083391/godaddy-dns-forward-to-ip-adds-frames-to-html
Edit:
Looks like a moderator removed that post. How strange!! Too bad as well, that post had exactly the right answer with exactly the right description.
Well basically anyone coming across this, just research DNS frame forwarding. You'll find your answer there.
Terms for google:
website wrapped in frameset
javascript responds in frame
css in frame
Resource interpreted as Stylesheet but transferred with MIME type text/html
Uncaught SyntaxError: Unexpected token <

Why doesn't <iframe> work properly for me?

I have a simple bit of HTML code:
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>iframe Practice</title>
</head>
<body>
<div>
<iframe src="//embed.gettyimages.com/embed/183351352?et=dbA2ZDFzQUqFbu8nRMfGww&sig=ozPqnsmwjm88sptsMM2UVS70lzd2ci-9q27BF6R0TzU=" width="507" height="407" frameborder="0" scrolling="no"></iframe>
</div>
</body>
</html>
When saved with .html extension and opened in a multiple browsers, I get a message saying "The file or directory could not be found." This is a very silly question, can somebody help me out with this?
Thanks!
You are using a scheme relative URI (one that begins with //).
This preserves the current scheme, so the content will load if you view it in a document hosted on http: or https: (normally you would get a security error if you tried to load an https: document into an http: document or vice versa).
You appear to not be using a web server, so you are trying to access the document via file: where it is not available.
You can either use an explicit scheme (replace // with http://) or do your testing on a web server (you can install one on your development system).
I'd generally recommend picking the latter option, there are many issues that crop up when you are testing documents on file: and using a development server bypasses them all.
Simply "//embed... in the iframe element's src property to http://embed....
<iframe src="http://embed.gettyimages.com/embed/183351352?et=dbA2ZDFzQUqFbu8nRMfGww&sig=ozPqnsmwjm88sptsMM2UVS70lzd2ci-9q27BF6R0TzU=" width="507" height="407" frameborder="0" scrolling="no"></iframe>
Are you trying to load the file locally with file://xxxxxxx You can not load and iframe this way you need to run it with a web server

Google and Amazon won't work in frames?

Am I missing something?? This code, which I think is fine, comes up with an empty page. If you change one of the URLs to facebook.com, that won't load either. Are Google, Amazon and Facebook all blocking their site from showing if it's in a frameset? (Why wouldn't they just bust out?) Or is my HTML flawed?
<html>
<head>
<title>Test</title>
</head>
<FRAMESET ROWS="71, *" FRAMEBORDER=NO FRAMESPACING=0 BORDER=0>
<FRAME SRC="http://google.com">
<FRAME SRC="http://www.amazon.com/dp/0307951529?tag=fw-book-20" name='btm'>
</FRAMESET>
</html>
They're blocking frames using x-frame-options. If you view their response headers you'll see this:
x-frame-options SAMEORIGIN
This works regardless if JavaScript is enabled. However, it does require a relatively modern browser as listed on the MDN page I linked to.
My suggestion, find a more elegant way to do what you're trying to accomplish without using frames. Frames are evil and have created some of the most evil webApps out there. Please refrain, and let us help you find a better way to solve what ever problem it is you're trying to solve by using frames.
I even support properly used iFrames, but not famesets...

Get Frame src URL in address bar

I'm working on making a mobile version of a website hosted on a GoDaddy Windows server. The way GoDaddy apparently handles a mobile subdomain is by having that webpage be inside a frame. For example:
<head>
</head>
<frameset rows="100%,*" border="0">
<frame src="myurl.com" frameborder="0" />
<frame frameborder="0" noresize />
</frameset>
<!-- pageok -->
<!-- 02 -->
<!-- -->
</html>
The problem is that any link I open in that page opens within the frame and the URL in the address bar never changes. So my question is how can I get the frame URL to show in the browser's address bar. As far as I know, GoDaddy doesn't give me access to the file with the above html in it to allow me to alter that. Each page has an initial php script ran to check if it needs to redirect to a mobile browser, so if there is a way to do this with PHP, I can easily implement it.
Thanks for any help you guys can offer.
You can accomplish this using JavaScript on your page:
top.location.href = document.location.href;
This effectively "breaks" out of the parent frame by setting the parent frame window location to the location of the current frame.
Of course, you'd want to have some sort of indicator that you just broke out of the frame as to prevent looping:
if (
(document.location.href.indexOf("#ibrokeout") == -1) &&
(top.location != location)
) {
// Break out of the frame
top.location.href = document.location.href + "#ibrokeout";
}
Hope this helps.