educational

Breakout - The Frame Game

Just like the days of bell-bottoms, flower painted VW’s and the game of Breakout itself, fads seem to come back; and the Internet is no different. There was a time when using frames was the only way to make a large website easier to navigate and to this day quite a few websites still use frames.

Once DHTML and other navigation scripts began to take a hold, webmasters utilized all of their newfound space as ways of advertising. Just take one look at About.com and you’ll see what I’m talking about.

Our problem lies in how do we protect our content or site from being trapped inside frames and believe it or not, visa versa.

When we talk of website security, we consistently talk about hot linking and bandwidth stealing and how to put a halt to it, or at least protect ourselves the best way that we can. All too often we see articles concerning .htaccess with Allow/Deny and re-write rules that do a pretty solid job of stopping all but the savviest of thieves. While these are effective, some have rediscovered the old trick of capturing a website or page within a frameset either by accident, or by design. Most of us have come across one of these sites at one time or another; you click on a link and someone else’s site loads in the main window frame. For those of you that haven’t, click here for a working example. If you’re a web master that has had this happen to your site, then you know the frustration of not being able to do anything about it, or at least you may not have thought so.

Today, we look for increased opportunities to promote our sponsors or up sell our sites. One of the newest practices (but still an old trick) is webmasters beginning to place their gallery images within actual web pages. By doing so, you can add banners, Meta tags and text to lure search engine bots and promote your sponsors. While this is an excellent idea, it’s these kinds of things that gets a site or yourself noticed; by both the good and the unscrupulous. By now you’re probably thinking just what does security, the use of frames, and putting content into web pages all have in common. During the times of heavy frame use, bandwidth and content thieves found standard sites easy pickings. All they had to do was to simply place a link within the main frameset to an outside site or page, the surfers would click on the link and Poof; there’s a page containing someone else’s content.

Our problem lies in how do we protect our content or site from being trapped inside frames and believe it or not, visa versa. While we always think of our content being caught in the throws of frames, there are those out there that will link to a page that was specifically built to be viewed within frames. Which poses an even bigger question, how can we keep our pages safe (forced) within our frameset? Let’s take a look at some snippets of code and answer these questions...

Our first tidbit is for those that run a standard non-framed site. In order to "Breakout" of a framed site within the same window, all we have to do is place the code below after the <HEAD>
tag:

<HEAD>
<SCRIPT>
<!--
if (window!= top)
top.location.href=location.href
// -->
</SCRIPT>

In many cases the above code will be just fine and preferred for those that use other Java scripts within their page. A second more effective way of breaking out of unwanted framesets uses a <BODY OnLoad="CheckStatus()";>
snippet. Some of you may run into a problem with this especially having multiple OnLoad events. There’s a very simple solution to that problem which I’ll post to the forum for all to see. To use the more effective version, we have two steps:

• Step 1: Paste this code into your head tag

<HEAD>
<SCRIPT>
function checkStatus() {
page = self.location.href;
if (page != top.location.href) {
top.location.href = page;
return true;
}
}
</SCRIPT>
</HEAD>

• Step 2: paste this into your body tag

<BODY onLoad="checkStatus()";>

If your body tag includes background color, etc. You’ll want to paste the new text at the end of the beginning <BODY>
tag. Example:

<BODY bgcolor="#FFFFFF" background="path/file.gif" onLoad="checkStatus()";>
In other words, the offending site will be completely gone and the browsers back button isn’t going to bring it back.

As I mentioned before, both codes above will effectively break your page out of a frameset. The use of them will not only do so, but it will use the initial window in which your page was initially called. In other words, the offending site will be completely gone and the browser's back button isn’t going to bring it back. If you don’t want to blow out the offending site and just want to make sure your page or site breaks out of the frameset in a new window, then use the code below. Again, just paste the code into the head tag of your pages.

<HEAD>
<SCRIPT language="JavaScript">

<!--
if (self != window.top) {
window.open(location.href);
}
//-->
</SCRIPT>
</HEAD>

Now, with all of that said, what about those that use sites with frames and don’t want standard sites to link to your separate pages? As in the examples above, our first step is to copy the code exactly as it below and paste it into the head tag. The second step is to change the location.href url ‘index.html’ to the url of your frameset page. This effectively forces that page to load your site (frameset) in the window and "breakout" of the offending non-frame site.

<HEAD>
<SCRIPT LANGUAGE="JavaScript">

<!-- Begin
if (parent.location.href == self.location.href) {
// change the index.html below to the url of
// your frameset page...
window.location.href = 'index.html';
}
// End -->
</script>
</HEAD>

Confused yet? Still with me? While none of the above is completely fool proof for breaking out of frames or even forcing your page back into them, they are a heavy deterrent and will work effectively against all but the most advanced scripting. With all of the security scripts and talk, just a simple piece of code can save you a ton of headaches.

And as I sit here reading back over the article, my son walks by and comments, "Hey dad, I remember that game, Breakout right? I use to play it!" and I replied, "I still do…." ~ Shiprekd

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

WIA Profile: Lainie Speiser

With her fiery red hair and a laugh that practically hugs you, Lainie Speiser is impossible to miss. Having repped some of adult’s biggest stars during her 30-plus years in the business, the veteran publicist is also a treasure trove of tales dating back to the days when print was king and social media not even a glimmer in the industry’s eye.

Women in Adult ·
opinion

Fighting Back Against AI-Fueled Fake Takedown Notices

The digital landscape is increasingly being shaped by artificial intelligence, and while AI offers immense potential, it’s also being weaponized. One disturbing trend that directly impacts adult businesses is AI-powered “DMCA takedown services” generating a flood of fraudulent Digital Millennium Copyright Act (DMCA) notices.

Corey D. Silverstein ·
opinion

Building Seamless Checkout Flows for High-Risk Merchants

For high-risk merchants such as adult businesses, crypto payments are no longer just a backup plan — they’re fast becoming a first choice. More and more businesses are embracing Bitcoin and other digital currencies for consumer transactions.

Jonathan Corona ·
opinion

What the New SCOTUS Ruling Means for AV Laws and Free Speech

On June 27, 2025, the United States Supreme Court handed down its landmark decision in Free Speech Coalition v. Paxton, upholding Texas’ age verification law in the face of a constitutional challenge and setting a new precedent that bolsters similar laws around the country.

Lawrence G. Walters ·
opinion

What You Need to Know Before Relocating Your Adult Business Abroad

Over the last several months, a noticeable trend has emerged: several of our U.S.-based merchants have decided to “pick up shop” and relocate to European countries. On the surface, this sounds idyllic. I imagine some of my favorite clients sipping coffee or wine at sidewalk cafés, embracing a slower pace of life.

Cathy Beardsley ·
profile

WIA Profile: Salima

When Salima first entered the adult space in her mid-20s, becoming a power player wasn’t even on her radar. She was simply looking to learn. Over the years, however, her instinct for strategy, trust in her teams and commitment to creator-first innovation led her from the trade show floor to the executive suite.

Women in Adult ·
opinion

How the Interstate Obscenity Definition Act Could Impact Adult Businesses

Congress is considering a bill that would change the well-settled definition of obscenity and create extensive new risks for the adult industry. The Interstate Obscenity Definition Act, introduced by Sen. Mike Lee, makes a mockery of the First Amendment and should be roundly rejected.

Lawrence G. Walters ·
opinion

What US Sites Need to Know About UK's Online Safety Act

In a high-risk space like the adult industry, overlooking or ignoring ever-changing rules and regulations can cost you dearly. In the United Kingdom, significant change has now arrived in the form of the Online Safety Act — and failure to comply with its requirements could cost merchants millions of dollars in fines.

Cathy Beardsley ·
opinion

Understanding the MATCH List and How to Avoid Getting Blacklisted

Business is booming, sales are steady and your customer base is growing. Everything seems to be running smoothly — until suddenly, Stripe pulls the plug. With one cold, automated email, your payment processing is shut down. No warning, no explanation.

Jonathan Corona ·
profile

WIA Profile: Leah Koons

If you’ve been to an industry event lately, odds are you’ve heard Leah Koons even before you’ve seen her. As Fansly’s director of marketing, Koons helps steer one of the fastest-growing creator platforms on the web.

Women in Adult ·
Show More