Edited question
In summary:
I got 2 sites
siteA.com
siteB.com
Iframe belong to siteB.com
But i want allow siteA.com to iframe siteB.com page too. However anything that not siteA or siteB.com will be redirect to siteA.com
using javascript, how do i check, consider to ignore with www or without www(wildcard) and also that my site could be siteA.com/pretty-url
How do i do the check and add in the security with javascript , which any random site not authorize will result in window.top.location.href being redirect to siteA.com
Thanks for all help, new here :)
Something like this?:
if (window.top != window && !window.top.location.href.split('?')[0].split('#')[0].match('mysitedomain.com'))
{
window.top.location.href = window.location.href;
}
The first check is making sure you only run this code if your site is in a frame.
The second check is looking to see if url of the top frame (browser window) contains your domain. We need to ignore the querystring/anchor incase it looks something like this: http://notmine.com/path/file.html?subframe=mysitedomain.com
This would still match:
http: //not*mysitedomain.com*/path
In the .match(...), you could include http:// or https://.
Update to answer your edits:
var topUrl = window.top.location.href.split('?')[0].split('#')[0];
if (window.top != window && !topUrl.match('siteA.com') && !topUrl.match('siteB.com'))
{
window.top.location.href = "siteA.com";
}
Related
I have a QR Code that brings users to PAGE A that immediately forwards to PAGE B. I want Page B to check if users came from PAGE A otherwise forwards them to PAGE C (basically say you need visit PAGE A first). The end result is that Scanning the QR Code allows access to PAGE B through PAGE A but someone can't start on PAGE B without previously being on PAGE A (unless they type it in) It's not foolproof by any means, but it's a deterrent.
On Page B I am using:
if (history.back!="[page a url]") {
location.assign("[page c url]");
}
but this doesn't seem to work.
BTW I'm hacking my way through learning any of this by trying to learn what I need to do what I need to do - please assume I know very little
By your tags, I see that you are using WIX. I'm not sure if you have access to server side there so my answer is in javascript. This isn't full proof as you can't trust anything sent from the browser.
On page A, use localStorage to set a variable visitedA to 1 then redirect to page B.
<script>
localStorage.setItem("visitedA","1");
location.href = "pageB.html";
</script>
On page B check if visitedA equals 0, then redirect to C.
<script>
let visitedA = localStorage.getItem("visitedA") || "0";
if(visitedA == "0"){
location.href = "pageC.html";
}
</script>
Using Document.referrer is a good and most straightforward solution to this problem.
https://developer.mozilla.org/en-US/docs/Web/API/Document/referrer
example:
<script>
// did user come from page a?
if (document.referrer.includes('page-a') {
// yes page-a was in the referrer
} else {
// no, referrer was empty or did not include page a
}
</script>
how to save a "session" for document.referrer?
Example:
I have two sites
site1/referer.html (this site redirect for site2).
site2/page.html (this site display a mensage when the visit is redirected from site1).
I need when user click in other page, this message keep displaying, because access came from site1, even going to other pages.
I'm using the script (referer in elseif):
facebook = /facebook.com/;
if (jQuery.cookie('visits') > 0.5) {
jQuery('#active-popup').hide();
jQuery('#popup-container').hide();
jQuery('html, body').removeAttr('style');
} else if (document.referrer && facebook.test(document.referrer)) {
var pageHeight = jQuery(document).height();
jQuery('<div id="active-popup"></div>').insertBefore('body');
jQuery('#active-popup').css("height", pageHeight);
}
You could just store it as a session cookie as #epascarello mentioned.
The important thing here is to set the path, as the cookie wouldn't be accessible for other pages than the one that sets it (and this is what you want to do here):
jQuery.cookie('referrer', document.referrer, { path: '/' });
You can later on access this cookie with
jQuery.cookie('referrer');
(This is using https://github.com/carhartl/jquery-cookie, there is a native Javascript API (ugly) as well).
This has probably been answered before but i don't understand al the difficult research online so i ask it here And hope for a easy answer
<script type="text/javascript"> // <![CDATA[
if ((navigator.userAgent.indexOf('iPad') != -1)) {
location.replace = "http://www.joey-games.byethost4.com/games/";
} // ]]>
This does not redirect me.
var isiPad = navigator.userAgent.match(/iPad/i) != null;
//or by using
var ua = navigator.userAgent;
var isiPad = /iPad/i.test(ua)
You can find other related information in the following links:
http://fellowtuts.com/jquery/ipadiphone-detection-using-javascript/
Detect iPad users using jQuery?
Instead of using location.replace use location.href
Your snippet becomes
if (navigator.userAgent.indexOf('iPad') > -1) {
location.href = 'http://www.joey-games.byethost4.com/games/';
}
I've made two changes to your code
!= to > in the if statement which is no biggie (nothing relevant)
changed method call from replace to href Taken from MDN
The Location.replace() method replaces the current resource with the one at the provided URL. The difference from the assign() method is that after using replace() the current page will not be saved in session History, meaning the user won't be able to use the back button to navigate to it.
This basically says that if you use replace you cannot use the browsers back button to get to this page anymore, basically reducing the users user-experience since they'll get confused about what the back button does when they use your website.
This will redirect your users on the iPad to a different website however, you shouldn't do this - it's bad for your users and your website. (as partially explained above)
Iam Not gonna use The redirecting to go to "Joey-games.byethost4.com/games/" I wil redirect iPad users to: Joey-games.byethost4.com/mobile/iPad/ for a mobile site since flash player is not supported in safari yet
In my site I have a password protected page containing some links to other sites also operated by myself that cannot be password protected. I would like to place a HTML code onto one of the other sites I operate that checks that the person arriving at the page has been referred from the URL of the 'Links Page'.
(I understand that this is not a secure option)
Summary:
If Referrer = 'Links Page URL' *then* Do nothing *Else* Redirect: www.google.com.
Does anyone know a simple HTML/ Javascript code that I can copy and paste into my site?
if (document.referrer !== "http://www.stackoverflow.com") {
window.location.href = "http://www.google.com";
}
Or you can use regular expressions to check the referrer.
Anyway, this solution is really, really unsafe. You can just turn off JavaScript in your browser and won't be redirected...
Try this
function url(url){
return url.match(/:\/\/(.[^/]+)/)[1];
}
function check()
{
var ref = document.referrer;
if(url(ref) =='www.google.com')
{
// do something
}
else
{
// redirect
window.location.href = 'http://yourDomain.com';
}
}
I found document.referrer doesn't work for me, but location.href works:
if (location.href != "http://yoursite/index.html") {
location.replace("http://yoursite/index.html");
}
Here's the situation:
I am working with a site that forwards users from (SITE A), to a mobile version (SITE B), like so:
<script type="text/javascript">
$(document).ready(function(){
if($(window).width() < 480){
window.location = "http://mysite.com/mobile-version"
}
});
</script>
Problem is, we still need to offer users the option to return to (SITE A) from within (SITE B), but with that script in place it's just going to run the script again when users request (SITE A) and return to (SITE B).
Can an IF/ELSE statement pull the user's last visited page/site and say well...you're visiting (SITE A) from (SITE B), so no need for the re-direct?
The DOM property you're looking for is document.referrer.
It returns a string containing the page the user was on before they came to this page. i.e.
var prevPage = document.referrer;
if (!prevPage.match(/*SITE A*/)){
//Do Something
}
A server side session would best for complete cross-browser support but if you want to do it on the client side you can use HTML 5 LocalStorage if both the mobile and desktop site are on the same domain.
On the mobile site, when the user clicks to show the desktop site, store a value in localStorage:
// user wants to go to desktop site
localStorage.setItem("no-mobile-redirect", true);
window.location = 'http://desktopsite';
On the desktop site:
$(document).ready(function(){
if($(window).width() < 480){
var localVar = localStorage.getItem("no-mobile-redirect");
if(!localVar){ // only redirect if the no-mobile-redirect is not TRUE
window.location = "http://mysite.com/mobile-version"
}
}
});
Racheet's answer is correct, as far as it goes, however it's not safe to rely on this. Some web browsers can be configured to not send a REFERER header for privacy reasons, and some firewalls/routers will do this too.
Your best bet is to instead only perform the redirect if a querystring (or form) parameter is not present. For example:
"http://mysite.a.com/" - will redirect to Site B
"http://mysite-b.com/" - user is now at the mobile site, but clicks a 'view full site link'...
"http://mysite-a.com/?noredirect=true" - you note the parameter and do not redirect.
Other alternatives could perhaps involve using cookies or localstorage, but again you need to consider the possibility that the user's client doesn't support those features or has them turned off.
Just offering another solution.
Use a parameter in the URL when redirecting to desktop: http://mysite.com?rd=false
$(document).ready(function () {
if (window.location.indexOf("rd=false" != -1) return;
if($(window).width() < 480){
window.location = "http://mysite.com/mobile-version"
}
});
Come to think about it: a cookie would be more practical...