Detecting if this is an iframe load or direct

2020-02-26 11:09发布

问题:

I am looking to only show a form if it is pulled on a page within an iframe. How do I do that? Is there a server side solution?

回答1:

If you are using JQuery... (installation instructions here: http://jquery.com/ )

$(document).ready(function(){ 
    if( window == window.top) { $('form#myform').hide(); }
});

Which just hides the form with id "myform" if the window is not the topmost window.



回答2:

I can't think of purely serverside way, but you could use a bit of hybrid javascript/rails.

assuming that you have a dedicated iframe layout template e.g. 'layouts/iframe.erb'

you could put some javascript in the head to check if it is being loaded as an iframe, and if it is not, redirect to an action and maybe display a flash msg "can only load this page inside application"

The javascript/rails for the head

    <script type="text/javascript">

        function parentExists()
        {
         return (parent.location == window.location)? true : false;
        };

        function check_modal(){
        if (parentExists()) {
          window.location = '<%= url_for( :controller => "home", :action => 'iframe_action', :iframe_fail => 'true')%>'}
        }
        check_modal()
    </script>

notice the param :iframe_fail which you could check for in a controller and do whatever you please if that param is present e.g. display flash msg or redirect

example controller

def iframe_action
  if params[:iframe_fail]
         flash[:notice] = 'can only load inside app'
      else
       #do something else
      end
end

Not real pretty but might help you get the job done.



回答3:

My iframe tag was like

%iframe{:height => "98%", :width => "98%",:"id" => "profileIframe"}

I wanted to hide header of my webpage within this iframe hence I used code as:


var $frame = $(window.parent.frames["profileIframe"]).contents();  
$frame.find('.header-ui').hide();

If you observe then contents() returns a element as "#document", which is html of iframe, hence calling a javascript without this will try to access your actual webpage rendered in background of iframe.



回答4:

You can only check it on the client side via JavaScript.

However: DO NOT DO THAT. There are plenty of legitimate uses of putting a site in a (i)frame. Breaking out of such iframe or changing your site in any way in such circumstances them will only make your users pissed unhappy.