Javascript – How to use your JavaScript framework to prevent Clickjacking

javascriptSecurity

I've been using a custom function for some time now to prevent clickjacking on certain sites. However, I've been surprised to find there's not a lot out there about how to do this 'idiomatically' using the various popular JavaScript frameworks.

Are there users of jQuery, Dojo, YUI, and/or ExtJS that have used their framework to implement clickjacking protection? I'd love to see examples!

Best Answer

Why use a library? You could just do:

var all = document.getElementsByTagName('iframe'), l = all.length;
while (l--) all[l].parentNode.removeChild(all[l]);

But if you really feel you need a library. In jquery this is pretty easy, just find all iframes and remove them.

$(document).ready( function() { $('iframe').remove(); });