Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> can you imagine if every site that linked to yours had a bar at the top of your page that said "back to facebook" or "back to wikipedia"?

I saw a site do this yesterday. It was so noticeable because I only permit same-origin JavaScript and the whole site broke (most actually work).

Then I realised there is an intermediary providing this service:

http://linkis.com/

It is the worst of all things.




Linkis is twitter cancer

http://www.adrianjock.com/remove-linkis-frames-twitter/

You can also look at the source from an linkis infected link to find the original url


you can detect if your page is running inside iframe and if so, make the browser to load only your page, to get rid of services such as linkis.com


but does this work with AMP pages that restrict the javascript?


AMP is "HTML with some restrictions".

Speaks nothing of HTTP (otherwise they could've done the right thing and added a "text/html;amp=1" content-type).

In theory this should still work: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-...

But I doubt that Google's AMP cache will respect existing headers (the very nature of the cache stuff means that they won't, but what they will do to non-cache headers on an item is undefined AFAIK and so they will probably just strip them).


a quick look at an amp page (from google's cache) shows it's being served with x-frame-options:SAMEORIGIN, so looks like the linkis thing won't work with them.


parent comment mentioned service such as http://linkis.com/ what i was reacting to. i doub't that you can use linkis.com with AMP




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: