How to block website from loading in iframe?

by arnoldo.moen , in category: HTML & CSS , 4 months ago

How to block website from loading in iframe?

Facebook Twitter LinkedIn Telegram Whatsapp

1 answer

Member

by dedrick , 4 months ago

@arnoldo.moen 

To block a website from loading in an iframe, you can use the X-Frame-Options header in your website's server configuration. This header defines whether a website can be displayed in an iframe.


To prevent a website from being loaded in an iframe, you can set the X-Frame-Options header to 'DENY' or 'SAMEORIGIN'.


For example, if you want to block a website (example.com) from being loaded in an iframe on your website, you can add the following line to your server configuration file:


Header set X-Frame-Options DENY


Alternatively, you can use the Content-Security-Policy header to block a website from loading in an iframe. You can set the frame-ancestors directive to 'none' in the CSP header to prevent the website from being loaded in an iframe.


For example:


Content-Security-Policy: frame-ancestors 'none'


By setting the X-Frame-Options or Content-Security-Policy header, you can effectively block a website from loading in an iframe on your website.