trigger event on cross-origin window - javascript

I'm working on a website. In this website i display diffrent movies and series. Now when you select a episode of a serie this episode gets opened on bs.to in chrome if you look at the website (https://bs.to/serie/One-Piece/6/4-jfdsf/de) you see the play-button in the middle of the screen. is it possible to trigger a click event on this button for example with postMessage(). I've tried to add an eventlistener to the window and also to fire a event but i allways get the DOMException Blocked a frame from accessing cross-origin frame.
Is there a work-around? or can i develop a programm whitch simulate clicks dosen't metter if a window is opened or not?
Thanks for suggestions

If bs.to listens for a message telling it to fire a click…
addEventListener('message', e => document.querySelector("button").click())
… then yes.
But there is no way for your site to make the user's browser trigger a click on a third party site without that sites explicit cooperation.
That would be a huge security problem (take, for example, a third party site that was your online banking service, and a series of clicks that would transfer all your money to a malicious site author's account).

Related

How To Use 'beforeunload' to Capture Iframe Click?

I am trying to build a code that does a request when a cross-origin iframe is clicked and it directs the main window to a new page.
Since it's impossible to directly tap into Iframe click events, I thought of the following conditions as necessary:
page unload event occurs
the window is out of focus
Page unload (As far as I know) happens only when the current url is directed to some other url.
Now, this unload could happen by clicking any link. To restrict it to Iframes, I added the condition of window being out of focus.
addEventListener('beforeunload',(event) =>{
if(!(document.hasFocus())){
// Do Something
}
});
My question is, are their any limitations to this approach? If yes, then please suggest some more conditions to make it as close to reality.
For those of you, who are curious: I want to track clicks on Google AdSense Iframes on my website.

How to get Data of Iframe and store it in MySQL using Javascript

I have an iframe which opens a website. I want to know what the user has clicked on the iframe. For example- The iframe opens yellowpages.com , I want to know what phone number has the user clicked on or which company has he clicked on? Is it possible?
It is not possible to spy on what a user does on another website, even if you put that website in a frame on your site.
If you had the cooperation of the other site, then it could bind an event listener to monitor clicks and then use postMessage to inform your site across the frames.

Navigate between facebook profiles listener

I'm developing a google chrome extension that will insert a button in facebook profile cover, using content script that documented in chrome API i can insert that button on the refresh the page or open the profile in other window - tab, the problem is open any profile link in the same window - tab will not add that button! I think facebook load the content via AJAX without refresh the page.
I used that code:
$("div#contentArea").on("DOMNodeInserted DOMSubtreeModified DOMNodeRemoved",function() {
// Do somthing
});
but it does not fire on navigate between profiles!
How to know if the user is open other profile? I'm thinking to check url for every 1 seconds but is that the final solution?
I know it's been long time for this question, but I see it will be better to share the solution, a new one!
It's not good to use any of these DOMNodeInserted DOMSubtreeModified DOMNodeRemoved, instead use this API from HTML5 MutationObserver.
There is more than that you can use within MutationObserver is this library mutation-summary.
Thanks for Firefox developers because they share this with me when I submitted this add-on to store.
Best if luck to all.

Webpage redirection time

I want to calculate time consumed in redirecting from 1 webpage to another webpage.
For Example:
1) I am using Facebook in Google Chrome browser.
I have shared 1 link on my Facebook profile like below:
http://www.webdeveloper.com/
(It's not only Facebook. It can be any domain having link to another domain).
2) When I click on this link from my Facebook profile, then this website will open in new tab.
3) I want to calculate time difference in miliseconds or microseconds between below two events:
First Event: Time of clicking link "http://www.webdeveloper.com/" from my Facebook profile.
Second Event: Time of completely loading webpage of "http://www.webdeveloper.com/".
Thank you in advance.
Unless you load the linked page yourself into a frame or with xmlhhtp request, your facebook page does not have control of another page. In other words, as soon as the user clicks the link you have no control and it runs separately. If you use a frame or load the page ajax style with javascript into an object, it's not going to give you the same kind of timing. So this is basically a pointless excercise as you can't do it. You could potentially setup your own browser with whatever analyzer so it will give you timings but you can't set up any code that would time it for visitors, for the aforementioned reason. If it was possible to do such things then this code could also manipulate the linked to page and take over it. With such lax security you couldn't trust any link you click.

Facebook Connect Bug - JavaScript Refresh

Facebook Connect has a recent bug that is causing the permissions pop-up window to not close and refresh the parent window as it is designed to do. Instead, after approval by the user it attempts to load the page directly in the pop-up window which is an awful user experience and really hurting our registrations. You can see the bug by registering for our site using Facebook Connect: http://alltrails.com
The URL of the page after the user connects that Facebook Connect is incorrectly loading in the permissions pop-up window is of the form:
http://alltrails.com/?installed=1&session={"session_key":"2.Gu0duOqdElNjXRac5wnetw__.3600.1283799600-1486832834","uid":1486832834,"expires":1283799600,"secret":"tKFaEgBTF9RJeuQZfYUSCw__","base_domain":"alltrails.com","sig":"a8dd9f75418b530ae6c3d935e14274c4"}
I'm hoping that someone much better at JavaScript than myself could suggest a simple code snippet that we could add to our homepage that would only be invoked if the page URL includes '?installed=1' and would do the following to allow the same user experience as Facebook Connect was intended to provide:
Close the permissions pop-up window
Load the appropriate page http://alltrails.com/register/facebook in the original parent window
I've tried to do this a bunch of different ways but haven't had any luck with getting it to work correctly. Thanks in advance for your help!
It's a (unconfirmed) bug.
http://bugs.developers.facebook.net/show_bug.cgi?id=12260
Hopefully it gets more votes so it gets fixed - vote people!
In the meantime, i am (attempting) to employ the following 'creative workaround':
Add logic to my Default.aspx page to detect that URL they are redirecting to in the popup.
Redirect to my page, FacebookInboundAuthorization.aspx, preserving querystring.
On load of that page, register some JavaScript to close the popup and manually fire the "onlogin" event handler for my button.
EDIT - Another possible solution
So i do something like this for the "Disconnect from Facebook" button, which has a similar bug which has been in FBC from day 1. If the user is already logged in, and you click the "Disconnect from Facebook" button, the "onlogin" handler is not fired.
So what i ended up doing is replacing the Facebook Disconnect button with my own regular anchor tag, mimicing the Facebook CSS. This way i can have full control over the click event (fire the function i want).
So, this principle could (theoretically) be applied to this current bug.
That is, after you do FB.Init on client-side:
Check FB auth status using FB.Connect.ifUserConnected
If user is connected, hide the regular FB:Login button, and show your "fake" FB Login button. Copy across the "onlogin" function from your regular FB:Login button to your fake button as the onclick event.
Your Fake FB Login button would be a regular anchor tag, with the same CSS applied to the regular FB Login buton.
So essentially, if the user is already connected, we don't really need FB's intervention for authentication, we can just do whatever we want (request perms, redirect, etc).
That should work.
Unfortunately i have higher priority things i need to work on, but it sounds like this is top priority for you.
So give that a go, hope it helps.

Categories

Resources