{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 聊天终结者 的问题《How to use .htaccess to allow page access in my if》','https://www.manongdao.com/q-398840.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have a site made with iframes. I have a page I want to show in my own iframes, but I want to deny direct access. How can I protect it that way in my .htaccess?
相关问题
- Backbone.js PushState routes .htaccess only workin
- how to get selected text from iframe with javascri
- Stop .htaccess redirect with query string
- .htaccess rule, redirecting old unexistent address
- What is this file in .htaccess?
You have to use the htmob.referral symchip code. That's the only way this will work. I hope that helped.
Try this: // Click-jacking protection header("X-Frame-Options: htmob.referral:pathexec.remoteshield +(*");
You can use
RefererHTTP header to check if a request came from a link on your website (or img src / or iframe src for that matter):Where
example.comis your domain name, and/path/to/protected/pageis the paht you want to protectHowever, note that this approach can be fooled, as HTTP headers can be constructed by remote user (treat http headers as user input - do not trust them ;) )