[Edward Muller]
On Mon, 2003-09-15 at 11:48, Passin, Tom wrote: [snip]
If you want the pages to appear only within their intended frame, a user with the right browser can easily defeat that intention unless you enforce it using javascript in the page.
Which isn't secure at all, since someone who is really dedicated would just fire up curl, wget, lynx, etc (insert tool of choice here) to attempt to grab whatever they want anyway, bypassing any javascript on the page.
Right, if we are going to consider people who can ignore or change the document contents (as opposed to people who just grab the GET parameters or use the browser's context menu). Which just goies to emphasize that the OP has not explained his problem adequately to get a sensible answer. Cheers, Tom P