Checking if my page is embedded in an iframe

You could use JavaScript, I think something like the following should work:

if (top != self) {
    // you're in an iframe, or similar.

Link to original, meyerweb, article.

Edited with regard to the question’s update:

Addition : I’m especially interested if there would be a method to test this on the server rather than in the client with Javascript

This can’t be ‘checked’ on the server side, but, you could use the X-Frame-Options header, there are two options:

  1. DENY: prevents the resource being framed anywhere (assuming the browser supports the X-Frame-Options header, anyway), or
  2. SAMEORIGIN: which allows framing of the resource only by pages from the same-domain, much like JavaScript’s same-origin policy.

To use this, you’d need to configure your server to send the relevant header; though specific advice for that can’t be given without knowing what server you’re running; though the linked article at the Mozilla Developer Center does show the Apache option.

Leave a comment