code whose purpose is to do harm to a Web page
's viewer -- most usually, to inhibit him or her from navigating
or leaving a Web site
Another, somewhat milder abuse is to deny the user the ability to open a frame of a framed Web page into an independent window. By testing to see if a page has been loaded into a frameset, and refreshing into the frameset if it has not, the page author can force the user to look at pretty sidebars -- or, more often, ugly and flashy ads. SecurityFocus practices this abuse, and for no apparent reason.