5

I would like to use PHP to check if the page is being loaded in an iframe. Preferably, but not required, I would like to have the parent's url when applicable. Thank you.

Improve this question
2
  • Javascript will be able to determine this Commented Sep 24, 2012 at 23:13
  • 1
    Once php finishes executing it sends the output to apache and apache makes it available to your browser so once it gets rendered by your browser php is no longer "active", assuming you have control over the page that is using your page as an iframe you can add a parameter to the url indicating this is "iframed", that would help you take any decisions you would need on your php script Commented Sep 24, 2012 at 23:13

4 Answers 4

Reset to default
11

Php cannot tell the context for which the request is made. It doesn't know anything except what is passed to it and available as server variable. You could add your own get parameter to the url to be used when putting your page in an iframe, but otherwise you are out of luck.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I will have to use a parameter in conjunction with JS for visibility of content. Thanks
5

JavaScript is required for this; there is absolutely no way for PHP to know dependably. In JavaScript you could use

window.top === window.self;
Improve this answer

Comments

1

Yes, In 2021 this is possible to check URL Embed on iframe or not with get_header PHP's function, I made this below function :

public function allowEmbed($url = 'https://stackoverflow.com/') {

        try {
            $headers = get_headers($url);
        } catch (\Exception $e) {
            $headers = [];
        }

        $blackList = [
            'x-frame-options: sameorigin',
            'x-frame-options: allow-from',
            'x-frame-options: deny',
        ];

        $headers = array_map('strtolower', $headers);

        $check = array_intersect($blackList, $headers);

        if(!$check) {
            return ['status' => 1, 'message' => 'Passed'];
        } else {
            return ['status' => 0, 'message' => 'Fail'];
        }   
}
Improve this answer

Comments

0

I think there is some possibility to detect iframe by PHP global variable $_SEVER["HTTP_REFERER"]. In this variable is a url of parent window.

Improve this answer

4 Comments

It's not very reliable, even according to the docs.
PHP is a web server and is involved only in the dynamic building of html code and delivery over a network. Details about ways the HTML is rendered in a browser are accessible via javascript.
This will not work the referrer will always be your site that is in the iframe. I have tried this and the first page load worked fine but as soon as you click a link in the iframe the referer is now your site and not the site holding the iframe.
PHP is server side language. There is no way in PHP to detect iframe.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.