Arun Kumar T
3
Q:

how to do Employing defensive code in the UI to ensure that the current frame is the most top level window

Protected Sub Application_BeginRequest(sender As [Object], e As EventArgs)
  Response.Headers.Remove("X-Frame-Options")
  Response.AddHeader("X-Frame-Options", "DENY")
 End Sub
0
<script>
    try {
        if (top.location.hostname != self.location.hostname) throw 1;
    } catch (e) {
        top.location.href = self.location.href;
    }
</script>
0
<system.webServer>
  ...
  <httpProtocol>
    <customHeaders>
      <add name="X-Frame-Options" value="SAMEORIGIN" />
    </customHeaders>
  </httpProtocol>
  ...
</system.webServer>
0

New to Communities?

Join the community