I got a site that loads multiple recaptcha at once in iframes.
I was wondering when a user hit enter after typing the captcha if there a way to add a key event to toggle to the next iframe box and enter the next recaptcha?
Most of the site is written in php but there are some stuff javascript added
You may be better off using a different recaptcha method that doesn't require the use of iframes. Finding a work-around for the iframe security sandbox, if even possible, may be more work then it's worth.
Related
I have an iframe in my react app that links to an external site where people can fill out a form to sign-up for service. On chrome and firefox this iframe works fine, if you fill out the form itll allow you to click next to move to the next set of form fields to fill out. however on Edge, ive noticed that no matter what you do, once you hit "next" to go to the next form field, it will breifly go to the next page, however it will "refresh" so to speak, and back up to the first form field. effectively keeping you from filling out required fields.
is there a way to ensure browser compatibility here? ill note that the external site uses a lot of JQuery script to perform its necessary functions. but it shouldnt be that as that code also has a script tag that imports the JQuery CDN so it should function correctly.
The iFrame tag needs a secured connection, Was using an http connection, the reason i could not move forward was because the page that was loaded needs a secured connection to move forward.
is there a way to press a button on external site with javascript and/or jquery? Like I open a new window like this:
windowObjectReference = window.open("http://some_site.html","name");
Then I want to press a button on this site. Something like this:
windowObjectReference.button.click();
Or:
name.button.click();
It would be a huge security violation if a browser would let you do that from the script placed on your own website.
So, no, this cannot be done, and should not be possible.
But...
If both sites belong to you (you have access to their code), you can pass a parameter (eg. as a hash within URL), then the target website may read it and fire the event you mentioned (name.button.click()).
You can't do this with JavaScript from a webpage.
You can do it from browser extension though.
NO !
For security reasons. This kind of attack is called clickjacking! and it was used on Twitter.
is there a way to press a button on external site with javascript
and/or jquery?
I know that I'm late at party but YES, Unfortunately it is and is a quite simple way.
make a div on your page (ex. #externalDiv);
set CSS attribute to hidden and display to none;
use (simple way) jQuery method .load() or make your own JS method using XMLHttpRequest();
load external page on your page;
click on button you wish
$('#externalDiv').load('http://www.externalPage.com', function(){$('#externalPageButtonId').click();});
Can not doge by something if you don't know how it's work :)
You are not allowed to do so because of SOP. Any trick to force user to perform click on your behalf will be considered as clickjacking attack and could lead to bad consequences.
I'm tying in to the onbeforeunload event in Javascript to disable control of the page during the unload process. We have a bunch of users who were editing data during this time and it was wreaking havoc on the product.
There are a bunch of links that show up on the page that have href="javascript:.....".
Clicking these links fires the disabling code, which makes the page impossible to use. Is there a way I can detect if the onbeforeunload event is navigating to a different page or just firing this Javascript?
Have every href link visit a piece of javascript code which does inspection on the href contents before it is executed.
event.target.href.startsWith('javascript')
If yes, submit the request, if not, do something else.
This isn't the most reliable way of checking for this but it works for my purposes:
$('*:focus').attr('href')
I know this has cross site scripting limitations however I was wondering if there is a way to do this...
I have a customer who uses a 3rd party website to present surveys to users. The survey site does provide iframe code to include on your site so you can present the survey to your users from your own site. The customer wants to capture some data when the user clicks the submit button within the iframe. I don't need access to any form fields within the survey I just need to some how define an additional custom event in javascript that gets fired when the submit button is clicked in the iframe. Is this possible? How?
Thanks!
There is no way to do this due to the cross site scripting. If you had access to both the iframe content and the outer frame then you could have used events to communicate between the two. But of course you have no control over the iframe content.
If you had access then you could have post a message to get access to the events. Here is a plugin. http://benalman.com/projects/jquery-postmessage-plugin/
No. You cannot reach the DOM in the IFrame at all.
The short answer is: no. Not unless both scripts are on the same domain, for as the reason you identified: security reasons.
See http://softwareas.com/cross-domain-communication-with-iframes.
I'm trying to fill out two textfields and press a button programmatically that is opened in a webview in my webos app. Is there any possibility to do that? The website has to be openend in a webview because it refreshes every 30 seconds. (I wan't to log me in automatically to our university's homepage.)
I doubt you will be able to script the contents of the WebView directly (too many potential security issues at stake).
However, you might be able to simulate a Javascript bookmarklet by loading the page and then using the WebView's openURL method to run a bookmarklet that fills out the fields and submits the form (so something like myWebView.mojo.openURL('javascript:DO_STUFF_HERE') might work). I have never had a need to test this sort of thing, but that's the only way I can think of that you'd be able to execute Javascript within a WebView.
Good luck!