I am currently looking into a couple of possibilities for a microsite that I am building. The microsite sits on a different domain to the main site, and we want to use some of the forms from the main site. However we don't the user to see the main sites thank you page for a form submission.
My question is, is it possible to submit the form on the microsite to the action of the main sites form, so essentially I am wanting to submit a form that is set on http://domain1.com to http://domain2.com.
Will I able to this due to cross-site scripting etc?
You are fighting with http://en.wikipedia.org/wiki/Same_origin_policy.
Possible solution will be using a local proxy like http://developer.yahoo.com/javascript/howto-proxy.html
Using plain AJAX this is not possible, no.
You'd need to use a local proxy of some kind to achieve this. The form should submit it's data to a server side script on the same domain. That script should submit the data (using cURL or the like) to the remote location and give any response back to the form.
What you are trying to do is possible, but with some restrictions. Newer browser support cross domain ajax using the x-access-control-allow-origin etc. headers.
You could also use cross domain messaging (see CORS). To get backwards compatibility with older browsers, easyXDM is an option.
Another option is to build a hidden iframe, create a form, and send the data there using a normal for with action pointing to the other domain.
Remember though that Cross Site Request Forgery may be a problem. How do you stop other sites from posting to that same url.
You should be able to do this by placing the link to the action of mainsite in the microsite form. Also you can achive it via ajax, by sending call to the url of the mainsite and fetching results.
Related
We want to get the html content of a page on another domain. The following considerations are present:
1- The login page has a I am not a robot recaptcha.
2- The load of page in iFrame is restricted.
3- Could not use jQuery get or load methods because of cross domain restrictions.
With these limitations is it possible to develop a crawler or even use some client side codes to get data?
Thanks
Actually.. NO
But you can take the help of a backend server.
Let the server download the page and send it to the client.
This would solve problems related to CORS restrictions.
Coming to the captcha part, if the page operations are restricted by the captcha, then again there aren't much you can do. If it was that easy, the captcha wouldn't be used in the first place.
Is there any code in javascript like www.facebook.com.getElementById("some id").innerHTML;?
I was thinking if there's a way I could access the tags of another website (not written by me). I want to know if I can write a script, which when run, will,for example, fill the login form of a website.
Thanks!
No there is not.
If you would request another Website you should send an AJAX request.
To prevent cross-site-scripting, most modern browsers have disabled AJAX-requests to other Domains.
There would be the possibility that you request one php file on your own domain, which would request an external site and returns the external site to you.
Then you could perform these calls.
I want to have a form on my page take user input, a URL to be precise, and once that field is complete, have the script go to the destination URL that was entered (in the background), and display all images on that page in a thumbnail view for the user to select. I have been able to get it to work using php but want a client side solution. Any suggestions?
JavaScript is restricted by the same origin policy. It will not be able to read the other site unless it supports CORS. Other option is to use a local proxy [serverside langauge] on your domain to fetch the content.
Client side solution would be tricky. Most browser don't allow cross-domain AJAX calls.
Take a look at http://en.wikipedia.org/wiki/Same_origin_policy
I have an html page, which is a dynamically created asp/aspx page on http://host2.mydomain.com. I have no control over the html page. I cannot modify it in any such way. I cannot modify this page; so, setting document.domain is out of the question, unfortunately. This html page is compiled by a 3rd-party vendor and the code is close-source; I cannot view it or change it.
I want to retrieve and display this page on http://host1.mydomain.com/page1.jsp using Ajax.
FYI: host1 is being served by IIS 7 and Apache Tomcat (for JSP pages). And host2 is using IIS 7 and ASP.
How can I retrieve this page using a Ajax POST request?
Thank you.
YQL http://developer.yahoo.com/yql/and JSON-Phttp://en.wikipedia.org/wiki/JSONP
By setting proper CORS headers if you are using modern browsers. Have a look here
You are just going across subdomains so can do it using an iframe, look to this question - A question about cross-domain (subdomain) ajax request
The solution referenced: http://www.tomhoppe.com/index.php/2008/03/cross-sub-domain-javascript-ajax-iframe-etc/
you write a server-side script to retrieve the page contents, then you use Ajax to request your script
You can't with a standard AJAX call due to cross-domain policies, you would have to use JSONP or a form of JSONP http://en.wikipedia.org/wiki/JSONP
Also, a common "gotcha" is that the cross-domain policies prevent secure to non-secure ajax as well. So a https:// page cannot request a http:// page and vice versa/
If I have a server on xyz.com and wanted to send a POST request via javascript to abc.com how do I do this? Will I run into the Same Origin Policy? Mainly I just need to send data and not necessarily return data (although that would be nice). Any thoughts on this view? I am ideally looking for an entirely javascript method. Thanks.
If you want to post data, guessing you do not want to refresh the page. That means you need to add a hidden iframe to the page with a id/name. Set the form's target to that id/name and presto, you submit the form to that domain without refreshing the page.