Clickjacking/Cross-Site Framing/Cross-Frame Scripting Test Page
<!DOCTYPE html> <html>
<title>Clickjacking / framing test</title> <script type="text/javascript"> function frameIt() { var url = document.getElementById("url").value; var iframe = document.getElementById("iframe");
iframe.src = url; }
document.addEventListener('DOMContentLoaded', function () { document.getElementById('submit-test').addEventListener('click', function() { frameIt(); } ); }); </script> <body> <h1>Test a page for clickjacking/framing vulnerability</h1> <p>Enter the URL to frame:</p> <input id="url" type="text" value="http://example.com" size="50"></input> <button id="submit-test">Test it!</button> <br /> <iframe src="about:blank" id="iframe" style="border:medium solid red" width="550" height="400"></iframe> </body> </html>
Save that as a .html page, open it in your browser and work away!. I’m simply posting this here so that if and when my tools folder becomes corrupted again, I can find this without hours of w3schools html/js lessons.
