Comments on: Modern-Day Frame Busting With X-FRAME-OPTIONS And "This content cannot be displayed in a frame" Warnings http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/ where things have nothing to do with beer - tutorials, tips, how-tos, thoughts, hacks, and other techy nonsense Sat, 11 Feb 2012 17:00:25 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Martinhttp://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-52244 Martin Sun, 27 Nov 2011 02:38:44 +0000 http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-52244 There are many legitimate uses for using frames to connect sites of different origins. I feel this development damages an important tool. Any genuine security risks could be dealt with much more gracefully, rather than simply breaking a feature. If kids are typing bad words into a computer you don't fix the problem by taking away the keyboard. There are many legitimate uses for using frames to connect sites of different origins. I feel this development damages an important tool. Any genuine security risks could be dealt with much more gracefully, rather than simply breaking a feature.

If kids are typing bad words into a computer you don't fix the problem by taking away the keyboard.

]]> By: Dianahttp://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-52227 Diana Wed, 16 Nov 2011 04:58:20 +0000 http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-52227 Yes, but how do we rid our PC of this message when it pops up? This content cannot be displayed in a frame To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame. Yes, but how do we rid our PC of this message when it pops up?

This content cannot be displayed in a frame

To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame.

]]> By: Rolandhttp://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-43546 Roland Thu, 15 Jul 2010 15:30:32 +0000 http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-43546 Seems to me like an option that will probably be used more for things it wasn't intended for than the things it was intended for. I use noScript to block pages from doing all kinds of things I do not want, but here is accomplishes the opposite: it prevents me from looking a a page the way I want to. The usability of sites like google image search will be limited more and more if sites start adding this header. I fear the moment wordpress, joomla, drupal, etc. make this header a default. It will basically make frames useless. And unfortunately this 'protection' only protects the sites that want to be protected, so it is very limited until it becomes the default way of working. It should have been a browser setting, not a page header. Pages that do not let themselves be molded to the wishes of the user, are annoying. That's why we all hate pop-ups, right-click protection, etc. And framebusting. I know many web publishers find that their webpage should be viewed full screen, but that is not allways what I, the reader, the person they make their site for, want. I fear that X-FRAME_OPTIONS will become the next weapon for publishers to enforce their wishes upon their readers, so I've come to the conclusion that it is an annoyance, rather than a good thing. Seems to me like an option that will probably be used more for things it wasn't intended for than the things it was intended for.

I use noScript to block pages from doing all kinds of things I do not want, but here is accomplishes the opposite: it prevents me from looking a a page the way I want to.
The usability of sites like google image search will be limited more and more if sites start adding this header. I fear the moment wordpress, joomla, drupal, etc. make this header a default. It will basically make frames useless.

And unfortunately this 'protection' only protects the sites that want to be protected, so it is very limited until it becomes the default way of working.

It should have been a browser setting, not a page header.

Pages that do not let themselves be molded to the wishes of the user, are annoying. That's why we all hate pop-ups, right-click protection, etc. And framebusting.

I know many web publishers find that their webpage should be viewed full screen, but that is not allways what I, the reader, the person they make their site for, want.

I fear that X-FRAME_OPTIONS will become the next weapon for publishers to enforce their wishes upon their readers, so I've come to the conclusion that it is an annoyance, rather than a good thing.

]]> By: Artem Russakovskiihttp://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-31910 Artem Russakovskii Fri, 29 Jan 2010 19:14:02 +0000 http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-31910 Thank you. Indeed, you're right. Corrected. Thank you. Indeed, you're right. Corrected.

]]> By: Ergomanehttp://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-31909 Ergomane Fri, 29 Jan 2010 18:41:52 +0000 http://beerpla.net/2009/10/29/modern-day-frame-busting-with-x-frame-options-and-this-content-cannot-be-displayed-in-a-frame-warnings/#comment-31909 AFAIK token is SAMEORIGIN, no dash. AFAIK token is SAMEORIGIN, no dash.

]]>