I embedded a web page in an iFrame like this:
<iframe id="frame" src="http://www.domain.com" width="100%" frameborder="0" marginheight="0" marginwidth="0"></iframe>
Edit: The problem i am having is that the web page javascript is using the top property to find objects but now it is embedded in the iframe, is there a way to over ride this?
If I understand you right, you want to send data from the iFrame to the parent? If so, the error happens because Cross Site Communication is usually blocked to avoid XSS attacks. But you can keep your iframe, and use JavaScript and the window.postMessage(); function to share data.
https://developer.mozilla.org/en/DOM/window.postMessage
Related
I want to display this webpage in my application.
But i got this error Refused to display https://onlineadmission.ignou.ac.in/onlinerr/StudentReRegistrationForm.aspx in a frame because it set X-Frame-Options to sameorigin.
Please help me out how to display that page in my application.
<iframe name="form-target" width="100%" height="100%" src="https://onlineadmission.ignou.ac.in/onlinerr/StudentReRegistrationForm.aspx" frameborder="0" allowfullscreen="" srcolling="no" target='_top'></iframe>
Well, if that would work the way you want, then The clickjacking attack would be possible too.Thats why we have security for.
There is an interesting article about this: iframe-loading
You can check Clickjacking for more informations.
Or here for those, who wants to know, how to prevent clickjacking attack.
I have an issue about embedded canvas is that I don't want
to use double click feature on it.
While API given by Sketchfab doesn't offer such functionality, is there a way to block event getting there in the first place ?
UPDATE:
I am embedding model from Sketchfab.
Here's the embed:
<div class="sketchfab-embed-wrapper"><iframe width="640" height="480" src="https://sketchfab.com/models/9eb60eebc20e45c4b586e1a6fe6c5983/embed" frameborder="0" allowvr allowfullscreen mozallowfullscreen="true" webkitallowfullscreen="true" onmousewheel=""></iframe>
...
Since you stated that you are using Sketchfab (which is embedded with an iframe) this is not possible due to XSS protection. No major browser will allow you to access embedded cross site content.
Take a look at this link for more information about cross-frame scripting and security.
can you check this? Remove Event
$('canvas').off('dblclick');
https://jsfiddle.net/gtbypwLb/
I have the following iframe:
<iframe src="https://www.weddingwire.com/morgancamille" style="border:0px #FFFFFF none;" name="weddingwirersvp" scrolling="no" frameborder="0" marginheight="0px" marginwidth="0px" height="600px" width="600px"></iframe>
... and it would appear that the website who's form I would like to display elsewhere has some iframe-specific parameters to deter people from displaying the form on other sites. Any ideas on how to get around this?
Changing the document to that particular iframe may help. Otherwise, you are running up against the intended purpose of iframes. You say you want to display elsewhere, but the purpose of an iframe is to prevent it from being displayed elsewhere.
jQuery/JavaScript: accessing contents of an iframe May be helpful here.
We are going to launch JS based widgets which webmasters (any site) will be putting on their site by embedding a small code snippet like :
<iframe src="SOURCE_PATH" frameborder="0" width="300px" height="150px" scrolling="no" id="cd_frame"></iframe>
Inside the widget there are three links and we need to track how many clicks are happening on them from the external sites where the widget is going to get used.
If I simply put the code which GA provides will that work? OR do I need to make any changes?
Thanks.
you should be able to track from your iframe as it would appear to google analytics as a regular page. your issue would be knowing what iframe you were tracking. if you can pass a unique id via the iframe url then you should be able to add a custom parameter to track the different sites.
eg
<iframe src="SOURCE_PATH?uniquetrackingid=123" frameborder="0" width="300px"
height="150px" scrolling="no" id="cd_frame"></iframe>
information about custom tracking codes can be found here
http://www.google.com/support/analytics/bin/answer.py?hl=en&answer=55585
I was hoping that someone can help me, I am trying to get the URL of a page in a iframe:
<script language="JavaScript">
function myLocation() {
alert(document.all.myFrame.contentWindow.location);
}
</script>
<button onclick="myLocation();">Location of Frame</button>
<iframe src="http://www.google.com" width="800" height="600" frameborder="0"
scrolling="auto" name="myFrame"></iframe>
This basically will give me the location of the iframe in my page, but does not give me the google.com url - it is also important to give me the url of everypage that I may open from the google results, so when I am on google.com it should give me the google.com url and if I browse to www.facebook.com it should give me the facebook url...
Any ideas welcome! Thanks
The same origin policy prevents accessing details (including the current URI) of documents on other domains.
If you want to work around this, you will either need to use something other than a web page (such as a standalone application or browser extension) or proxy all requests through your own server.
you may want to use some sort of javascript library, but i've tried this code on deviantart.com using raw javascript code:
document.getElementsByTagName('iframe')[0].src and it gave me the result i was expecting.