my question is this
I have 2 sites, SiteA, SiteB, and what I want is to pretend that the traffic of a website through an open iframe in SiteA, simulate SiteB come from, for example we have:
*SitioA.com/index.php
*SitioB.com/redirect.php (Placed a javascript that redirects to the site I want it to open in the iframe, so the javascript code clears the referrer)
In SitioA.com/index.php, I put an iframe to call SitioB.com/redirect.php, which, in turn redirects with javascript to the web that I want to simulate the referer, here I leave the code to understand better:
In SitioA.com/Index.php I put:
<iframe class="premium_frame" src="http://SitioB.com/redirect.php" width="1000" height="1000" scrolling="no" frameborder="0"></iframe>
In sitioB.com/redirect.php, I put:
window.location.href = "http://jaqhegrjghegr.com";
Doing this is no way to jaqhegrjghegr.com for example, discover that the check actually comes from SiteA and not SiteB? that's my question
Related
suppose I have an Iframe from other site in my page and there some links to other sites.
I want to do this
when a user click on a link in the iframe instead to navigate to the destination, the page navigate to URL I interest
<iframe src="......." width="100%" height="100%"
align="middle" frameborder="0" scrolling="yes"> </iframe>
if you are opening a cross-domain iframe it is not possible to alter the contents or for the sake anything on the page. In case you want to achieve a similar effect what you can do is
1) Save the page as HTML
2) Change the to the webiste.com so that everything works properly
3) Host this page locally on your server
4) now what you can do is open this page as iframe src so it become same domain iframe, and you can modify whatever you want just writing $('iframe').contents().<your code>
It seems like a manual process but you can write a PHP or .NET script to achieve the effect, thats how i had done it and it works perfectly.
I'm making a website that has another website embedded in an object (a small box in my page). I'm looking for as solution that will allow me to hide this object when the webpage in the embedded object changes (i.e. the user clicks a link on that website)
The code I have below will only shows will create the embedded object but everything is static (i.e. the "src" will not change as the URL changes in the object).
<object data=http://www.website.com width="600" height="400"> <embed id="test" src=http://www.website.com width="600" height="400"> </embed> Error: Embedded data could not be displayed. </object>
Is there a way to look at the current URL of that object?
I've been thinking about using something similar to location.href but I'm not sure how to implement this.
Thanks
Sorry, due to browser policy, you can not do that, you can only get iframe url if it open a page within your domain. For more information you can search "get iframe url" within stackoverflow
If your site is in the same domain, you think you can do like this
var url = http://www.website.com";
function checkChange(){
if (document.getElementBydId('test').src != url){
alert('page change');
}
}
setInterval(checkChange, 1000);
I'm writing a firefox extension to read out the privacy settings of a facebook user. (not a facebook app!!) To switch between different websites of facebook I used iframes, but this isn't working anymore. I have this problem since 2 weeks.
$('#globalContainer').append('<iframe id="reusable_iframe" src="" width="90%"
height="400" name="reusable_iframe"></iframe>');
//....
$('#reusable_iframe').attr('src', link);
I'm follow the Same origin policy and it was working just fine since a 2 weeks!? an example:
var link = "http://www.facebook.com/editprofile.php?sk=basic";
Now I just get a blank iframe :(
the funny thing is, that if I add "http://www.youtube.com/embed/Qi_AAqi0RZM" or "http://trololololololololololo.com/" to the iframe it's working without a problem... :/
did facebook change the rules for own links in iframes? Is there a workaround? Is there an other way for me to scan different sites with firefox-extensions? i would prefer to stay with content-scripts....
Edit: This is how it looks at firebugs... also funny is that the facebook page http://www.facebook.com/undefined is working however!?
<iframe id="areusable_iframe" width="90%" height="400" name="areusable_iframe" src="http://www.facebook.com/">
<html>
<head>
</head>
<body>
</body>
</html>
</iframe>
Facebook sends the following response header to the browser:
X-Frame-Options: DENY
This cause all major browsers (even IE8 and higher) to prevent showing it inside frames.
The old way was "frame buster" using JavaScript forcing the page to open as the top window, but it's very unfriendly so it was replaced by this header in most modern websites that don't want to be displayed in frames.
Not much you can do though, sorry.
The "undefined" page is just blank content which is their 404 custom error page as it does not contain the above header, it can be displayed inside frame.
To learn more about the X-Frame-Options header see this documentation.
I embedded a web page in an iFrame like this:
<iframe id="frame" src="http://www.domain.com" width="100%" frameborder="0" marginheight="0" marginwidth="0"></iframe>
Edit: The problem i am having is that the web page javascript is using the top property to find objects but now it is embedded in the iframe, is there a way to over ride this?
If I understand you right, you want to send data from the iFrame to the parent? If so, the error happens because Cross Site Communication is usually blocked to avoid XSS attacks. But you can keep your iframe, and use JavaScript and the window.postMessage(); function to share data.
https://developer.mozilla.org/en/DOM/window.postMessage
I was hoping that someone can help me, I am trying to get the URL of a page in a iframe:
<script language="JavaScript">
function myLocation() {
alert(document.all.myFrame.contentWindow.location);
}
</script>
<button onclick="myLocation();">Location of Frame</button>
<iframe src="http://www.google.com" width="800" height="600" frameborder="0"
scrolling="auto" name="myFrame"></iframe>
This basically will give me the location of the iframe in my page, but does not give me the google.com url - it is also important to give me the url of everypage that I may open from the google results, so when I am on google.com it should give me the google.com url and if I browse to www.facebook.com it should give me the facebook url...
Any ideas welcome! Thanks
The same origin policy prevents accessing details (including the current URI) of documents on other domains.
If you want to work around this, you will either need to use something other than a web page (such as a standalone application or browser extension) or proxy all requests through your own server.
you may want to use some sort of javascript library, but i've tried this code on deviantart.com using raw javascript code:
document.getElementsByTagName('iframe')[0].src and it gave me the result i was expecting.