Am I missing something?? This code, which I think is fine, comes up with an empty page. If you change one of the URLs to facebook.com, that won't load either. Are Google, Amazon and Facebook all blocking their site from showing if it's in a frameset? (Why wouldn't they just bust out?) Or is my HTML flawed?
<html>
<head>
<title>Test</title>
</head>
<FRAMESET ROWS="71, *" FRAMEBORDER=NO FRAMESPACING=0 BORDER=0>
<FRAME SRC="http://google.com">
<FRAME SRC="http://www.amazon.com/dp/0307951529?tag=fw-book-20" name='btm'>
</FRAMESET>
</html>
They're blocking frames using x-frame-options. If you view their response headers you'll see this:
x-frame-options SAMEORIGIN
This works regardless if JavaScript is enabled. However, it does require a relatively modern browser as listed on the MDN page I linked to.
My suggestion, find a more elegant way to do what you're trying to accomplish without using frames. Frames are evil and have created some of the most evil webApps out there. Please refrain, and let us help you find a better way to solve what ever problem it is you're trying to solve by using frames.
I even support properly used iFrames, but not famesets...
Related
I'm trying to make a webpage responsive which, by itself, works, but namecheap (which redirects to hopto (no-ip.com)), embeds everything in a frameset:
<frameset rows="100%, *" frameborder="no" framespacing="0" border="0">
<frame src="http://kmouratidis.hopto.org:8081/" name="mainwindow" frameborder="no" framespacing="0" marginheight="0" marginwidth="0">
</frameset>
which in turn means that the inner meta tag for checking viewport doesn't affect the outer frame. I'm pretty sure this is the intended behavior, I just want a suggestion as to how to solve this.
Printscreen (sorry, can't get view page source and view frame source to work well together) of what the whole code looks like
You can't control the HTML generated by your domain masking service.
You can't manipulate the DOM of that document later.
So: Get real domain hosting instead of using a masking service.
No-ip.com will provide that service.
consider this:
<html>
<frameset cols="50%,50%" frameborder=no border=no framespacing=no>
<frame src="http://site1.com">
<frame src="https://site2.com">
</frameset>
</html>
I've saved this file into myCompareFrames.html and trying to open it with google-chrome.
the reason for this was to have two frames next to each other so I can compare some results (instead of having two pages open LOL)
however it only opens the http and NOT https (note: none of the sites are local)
So my questions are:
why can it load a http and not a https?
Is there an easy way of this way?
NOTE:
If no easy way of doing this, I'll be happy with the explanation of why this would happen as I'm so curious but I'm not going to spend hours on silly problem like this.
For a local file
<html>
<frameset cols="50%,50%" frameborder=no border=no framespacing=no>
<frame src="http://spiegel.de">
<frame src="https://www.wikipedia.org">
</frameset>
</html>
Firefox developer edition loaded both pages.
Yet, there were problems when using stackoverflow.com instead of spiegel.de, for example.
So, it might be site-dependent. As a guess, it might be that the https elements, which certainly exist for SO, caused the load to fail, in combination with mixed-content protection (which exists for IE and Chrome, as well). The web console showed no errors.
As for why it is a security problem, see f.ex. https://security.stackexchange.com/questions/38317/specific-risks-of-embedding-an-https-iframe-in-an-http-page
I am facing an issue with mobile version of my site. The site is hosted on a different domain.
I Tracked down the issue and saw that its being caused by the being wrapped on top of my actual html code.
Here is a snippet:
<html>
<head>
<title>Where are you</title>
<meta name="robots" content="noindex, nofollow">
<meta name="description" content="Let’s your friends and family know about your where about.">
<meta name="keywords" content="Stay connected, Plan meetup, Unreachable friend, Share location, Share photos">
</head>
<frameset rows="100%">
<frameset cols="100%">
<frame src="http://wru.buttur.com" frameborder="0">
#document
</frameset>
</frameset>
</html>
My website is getting loaded inside "#document".
Can i do some configuration on my domain to prevent this from happening.
I know this is old, but I am responding because we had a similar problem where some outside entity managed a website, and we took over after it became broken.
It was a wordpress site and everything was being wrapped inside a frameset. We were baffled by the fact that direct browser requests to hosted javascript files would work fine, but within the page it would become wrapped in frames in the network response.
Even direct jQuery.getScript() calls from external sites would exhibit the scenario. Again, worked fine if typed into browser url bar.
Turns out there's something called DNS frame forwarding.
Here's a topic that covers the scenario:
https://stackoverflow.com/questions/7083391/godaddy-dns-forward-to-ip-adds-frames-to-html
Edit:
Looks like a moderator removed that post. How strange!! Too bad as well, that post had exactly the right answer with exactly the right description.
Well basically anyone coming across this, just research DNS frame forwarding. You'll find your answer there.
Terms for google:
website wrapped in frameset
javascript responds in frame
css in frame
Resource interpreted as Stylesheet but transferred with MIME type text/html
Uncaught SyntaxError: Unexpected token <
I got a code that refreshes the html page as per the seconds I desire. I am on an Mac and I use the TextEdit app to make the HTML file. This code works for www.apple.com but it does not work for say, https://www.bitcointalk.org or http://www.macrumors.com.
I am not sure why this is happening. All I am doing is replacing the apple URL with bitcointalk url. I know I can also do this refreshing via Safari extension, but I need this code to work.
Thanks a lot
The code I am using is:
<html>
<head>
<meta http-equiv="refresh" content="5">
</head>
<FRAMESET>
<FRAME src="http://www.apple.com/">;
</FRAMESET>
</html>
EDIT: What I am trying to do is, create this html and move it to my iPhone, so that I can do the web refresh through my phone. Right now there are only paid apps in the App store that lets you refresh a page automatically every few seconds/minute and they are not really that good.
As #esqew pointed out in their comment, the sites that aren't showing up forbid access via frames by setting the X-Frame-Options HTTP header to DENY or SAMEORIGIN.
See https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Is there a configuration somewhere in Apache server that causes all pages to be in a Frame? I can't seem to figure it out.
<html>
<head>
<title>Platform</title>
<meta name="keywords" content="Platform">
</head>
<frameset rows="100%,*" border="0">
<frame src="http://someURL" frameborder="0">
<frame frameborder="0" noresize="">
</frameset>
<!-- pageok -->
<!-- 01 -->
<!-- -->
</html>
It essentially takes the meta tag out and use it for parent page and have everything else in the content of the page in the Frame.
Please let me know if you have any idea. I can't reproduced it locally on my laptop so I figured there has to be some configuration that doesn't match, but I have no idea where to even start looking. The same configuration for reverse proxy is used.
Is there a configuration somewhere in Apache server that causes all pages to be in an iFrame?
Not that I've ever heard of.
This sort of framing is typical of sites that have bought a domain name and are using it via Masking instead of using proper DNS hosting.