JS代码：防止网页被Frame框架调用

先看看防止网页被Frame框架调用的JS代码：

<script language="javascript">
if(window.self != window.top){
    window.top.location.replace(window.self.location);
}
</script>

原理是判断window.self是否等于window.top。

范例代码
example.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>使用iframe引用网页</title>
</head>
<body>
<iframe src="js-no-iframe.html" style="width:600px;height:350px;"></iframe>
</body>
</html>

js-no-iframe.html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>使用JS防止网页被Frame框架调用</title>
<script language="JavaScript">
//网页如果被iframe引用，用此页强行代替父页
if(window.self != window.top){
    window.top.location.replace(window.self.location);
}
</script>
</head>
<body>
这是被iframe引用的页面
</body>
</html>

破解方法

​​​​​​​// 顶层窗口中放入代码 
var location = document.location; 
// 或者 var location = "";

范例代码
example2.html

​​​​​​​<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>iframe引用网页范例</title>
<script language="javascript">
  var location = document.location; 
</script>
</head>
<body>
<iframe src="js-no-iframe.html" style="width:600px;height:350px;border:1px;"></iframe>
</body>
</html>

从该范例看到，网页并不能被成功引用，所谓的破解代码并没有效果