Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
"Do iframes trigger cross-site scripting warnings in the browser?" in my experience not unless you write the warnings yourself
"Frame "killer" sounds too extreme. You did try inspecting the page for iframes, right?" i didn't name it, yeah i checked there are iframes
in the end the solution is to get statistics (e.g. off newrelic) of how many people use stupid browsers like old internet explorer and realize it's not fucking worth it
When you prove its a hardware probelm
That sad sad moment you spot someone returning HTML in an ajax request 🥺
Why lord must you punish me?
I'm too retarded to understand how the fuck to get iframes (of other pages on our site) somebody wrote in the past in our code base to not become the page (the original has 2 other pages on our site "embedded") https://cheatsheetseries.owasp.org/...
I don't even fucking understand if I implemented the recommended framekiller code correctly, but it fucks shit up like the not recommended framekiller code so I'll settle for it. I also enjoyed (actually I didn't) reading about how this javascript framekiller stuff is fucking stupid anyway and mainly only applicable for old legacy browsers (in which case go fuck yourself anyway, just use a modern browser which benefits with from the x-header-options whatever the fuck, which was easier to implement and juSt WeRKs)
Guess I have no choice but to write AJAX to do this dumbass shit.
It's a shame I have no fucking clue how to fuckign front end
rant
iframe
ajax
killme
framekiller
embed