Disable XL's Content Modifying Ads

Was doing more research and discovered that you can disable XL’s ads if your website is infected with it. The solution is far simpler than the problem. Browser makers deserve all the credits for making something like this so simple.

So basically all you have to do is to add a header to your HTTP/S responses, the header in question is X-Frame-Options. It’s pretty simple to do this, you can either use your server side platform or directly into the web server, it’s your choice.


I love nginx and it’s dead simple to configure. Just add the line below inside your server configuration.

add_header X-Frame-Options DENY;

Browser support is also satisfying if you don’t plan to utilize advance ALLOW-FROM permission:

  • Chrome 4.1.*+
  • Firefox 3.6.9+
  • Internet Explorer 8.0+
  • Opera 10.5+
  • Safari 4.0+

Heads up though, if you have any content you purposely want to be able to be embedded in an IFRAME, the code above will disable it. There are multiple ways you can do basic ACL with this header and you should head up to Mozilla Developer Network from the link below.

X-Frame-Options at MDN