Home >Web Front-end >JS Tutorial >How Can We Defeat a Frame-Busting Buster That Uses `setInterval` and `onbeforeunload`?
Frame Buster Buster Buster: Defying the Unbreakable
You've implemented a robust frame-busting script to prevent your site from being displayed within an iframe. But what happens when your frame-busting code itself becomes the target?
The Frame Busting Buster.
A clever attacker has developed a script that can bypass your frame-busting measures by utilizing the window.onbeforeunload event and a timer set to fire every millisecond. The attacker's script:
Your initial attempts to defeat this frame-busting buster have failed. Clearing the onbeforeunload event has no effect, and alert boxes only provide a temporary interruption.
The Buster Buster Buster.
Can you break the cycle and defeat the tenacious frame-busting buster? One approach to neutralize the attacker's script is to target the setInterval() timer:
// Detect the attacker's script var busterBuster = setInterval(function() { if (prevent_bust > 0) { // Bust the buster clearInterval(busterBuster); prevent_bust = 0; } }, 1);
This script:
Conclusion.
While the frame-busting buster was a formidable challenge, the buster-buster-buster demonstrates the resilience and adaptability of JavaScript programmers. By carefully analyzing the attacker's code and leveraging knowledge of JavaScript's features, we can overcome even the most complex threats.
The above is the detailed content of How Can We Defeat a Frame-Busting Buster That Uses `setInterval` and `onbeforeunload`?. For more information, please follow other related articles on the PHP Chinese website!