Frame Breaker

The classic defense against framing. This script compares your current window location with the top-level window. If they don't match, it forces the browser to reload your page as the main window.

Copy the Script

<script>
// Frame Breaker
if (top.location != self.location) {
    top.location = self.location.href;
}
</script>

Frequently Asked Questions

Attackers can frame your site and place invisible layers over it (Clickjacking) to trick users into clicking buttons they didn't intend to, like 'Delete Account'.

No. The HTTP header 'X-Frame-Options: DENY' is the modern standard and is more secure. This JavaScript method is a fallback for older browsers or situations where you cannot edit server headers.

Yes. If you legitimately frame your own pages, this script will break that functionality unless you modify it to check the 'document.referrer'.

Frame Breaker

Copy the Script

Frequently Asked Questions

Why is framing dangerous?

Is this better than X-Frame-Options?

Will this affect my own iframes?