 |
|
|
Hijacking of your web content within another website's frames can be
done anytime to any of your web pages, not just to your PicoSearch.
It's obnoxious, it's a problem, and if you've had it happen to you then
you know what we mean. Another site will link to your site (great!) but
only show you within their frames (ugh), so it looks like your
information is being provided by someone else, and your brand
recognition is completely compromised.
Especially since PicoSearch is a window onto all of your pages, we want
you to know how to prevent hijacking by frames. With this prevention,
you can invite anyone to paste your search engine's code to their site,
secure in knowing that their visitors will become your visitors and the
other site will become history (literally, browser history).
The standard Javascript to bring your pages to the top of a frameset is
the following. It should be added within the head tags of your HTML
page.
<script language="JavaScript">
<!-- Begin code
if (window != top) top.location.href = location.href;
// End code -->
</script>
Now you are welcome to know this trick and add it to any of your website
pages in general. Be warned that if you are using frames yourself,
then you will need to devise custom code that will enforce your top
frameset without simply promoting your bottom frames above your own top
frames. Such things can be done, but that's serious JavaScript hackery
for your own webmaster to work on.
If you are a PicoSearch Free account, then you cannot simply add the
frame resetting code to your search results pages. You will just have
to rely on the visibility of your site's own logo at the top of the
search results page, in order for your site to stay obvious during a
hijacking. You can however set the links of the results to target to
the top, so if a search user does click through then the hijacker's
frames will be discarded. See the "Bring up clicked URLs in frame..."
option of your Configure Results section in your account manager. Just
be aware of how this may affect your own frames, of course.
If you are a paying PicoSearch account, then you can add the frame
resetting code in your template. Provided that this does not interfere
with your own use of any frames, this will work to throw off hijackers.
Notice that because the hidden arguments for your index and query must
be persisted as well, you will need the following code addition (see the
red type). _FORMQUERY is the template code to plug in the current
query, and can be used anywhere in your template.
<script language="JavaScript">
<!-- Begin code
if (window != top) top.location.href = location.href + "?query=_FORMQUERY&index=(your account ID)";
// End code -->
</script>
|
|
 |
|
|
