I made a script to prevent XSS attacks in my website. This will be run in the IFrame automatically. The JScript Code is:-
Code:
// Secure page for XSS attacks
// IFrame XSS Prevention
// This will be injected into the page of the IFrame, and this function shall run in a timer!
(function() {
// Delete all known functions to use
var AJAX = function() { }; // Delete any known function for AJAX
var Ajax = function() { }; // Delete any known function for AJAX
var XMLHttpRequest = function() { }; // Delete any known function for AJAX
var alert = function() { return(false); }; // Delete any known function to bug user
// Delete all known prototypes
window.prototype.open = function() { }; // Delete any known function for opening obstructive windows
window.prototype.parent = null; // Delete any known function for to connect to the parent
document.prototype.createElement = function() { }; // Delete any known function for creating any elements
document.prototype.getElementById = function(x) { return(false); }; // Delete any known function for connecting to any element
window.prototype.frames = null; // Delete any known function for connection to any frames
document.prototype.location = function() { }; // Delete any known function for location changing
window.prototype.location = function() { }; // Delete any known function for location changing
// Set news functions
function $() { };
}){};
Thanks,
Akshit Soota