Redirect Window from iFrame - javascript

I was hoping somebody could please assist on a problem I am currently having. I have an IFrame named IFrame1 implemented on a client website. On the client website they have certain information of the user in the QueryString for instance clientwebsite.com/login.aspx?UserID=xxxx&UserName=xxxx.
Using MVC what would be the best way of retrieving the entire querystring while I only have an IFrame on the website?
I tried using JavaScript to retrieve the window.location but this only displays the URL where my IFrame is deployed (MyServer.com) and not where it has been implemented(clientwebsite.com). I also tried using C# HttpRequest.QueryString. This also just displays the URL where my solution was deployed and not the client website URL.
If anybody has any suggestions it would be greatly appreciated.
EDIT
I tried using the window.parent.location as many suggest. I wrote a small webpage where I just pull the code and display it as follows :
<script type="text/javascript">
document.write("window.location.href : " + window.location.href + "<br />");
document.write("window.parent.location : " + window.parent.location + "<br />");
document.write("document.referrer : " + document.referrer + "<br />");
</script>
When I run this page I get the result as follows :
window.location.href http://mywebsite.com/test
window.parent.location http://mywebsite.com/test
document.referrer
Which is fine but when I view this through the clientwebsite it onlyu displays the href value but neither the window.parent.location label or the value. Can this be caused due to permissions?

You should try using :
var parentUrl = window.parent.location;
window.parent will get you inside the parent window and then you can do anything with the parent window.
Hi Ruben,
I believe you need to add window.parent.location.search . You can do something like this for query string. This answer was provided by Marwan:
function getQueryString() {
var queryStringKeyValue = window.parent.location.search.replace('?', '').split('&');
var qsJsonObject = {};
if (queryStringKeyValue != '') {
for (i = 0; i < queryStringKeyValue.length; i++) {
qsJsonObject[queryStringKeyValue[i].split('=')[0]] = queryStringKeyValue[i].split('=')[1];
}
}
return qsJsonObject;
}
Just call it from the child window like this and act with the query string as an object.
For example if you have the query string ?name=stack and you want to get it, try:
getQueryString().name
This will return stack.

Related

how to Restrict access to some urls of wordpress website from single referrer domain

hello my question is what is the best approach to Restrict access to some urls of wordpress website to single referrer domain.
as far as I am familar with javascript I found a way for that. but I think javascript code is not good, because the source code of the page does not change.
I wrote this code:
function getCookie(name) {
const value = `; ${document.cookie}`;
const parts = value.split(`; ${name}=`);
if (parts.length === 2) return parts.pop().split(';').shift();
}
document.body.style.display="none";
var url = document.referrer;
var domainname;
var referal_code = getCookie("protect_faq_pages");
console.log(url);
if(url){
var anchor = document.createElement("a");
anchor.href = url;
domainname = anchor.host;
console.log(domainname);
if(domainname == "softwareservicetech.com"){
var cookieString = "protect_faq_pages=cWs#fgf$a1fD#FsC-)";
document.cookie = cookieString;
}
}else if(!(referal_code == "cWs#fgf$a1fD#FsC-)")){
document.getElementById("page").innerHTML="<p>Sorry you do not have permission to view the content</p>"
}
console.log(referal_code);
document.body.style.display="block";
this site can be accessed itself:
https://health-unity.com/
you can find out the page below is restriced on the view :
https://health-unity.com/help-centre/videos/
and also these pages too:
https://health-unity.com/help-centre/videos/video-number-2/
https://health-unity.com/help-centre/videos/video-number-1/
but when click on the link on below site (link to health-unity-videos):
https://softwareservicetech.com/testpage/
the archive page will be accessible after that. user can go to the pages below directly:
https://health-unity.com/help-centre/videos/video-number-2/
https://health-unity.com/help-centre/videos/video-number-1/
these were restricted before and now can be accessed by a cookie that is set.
but the problem is that page source still exist and did not changed by javascript code and user can view the page source. also I want that the cookie value should be hidden. because of these two problem I think javascript is not a good idea.
please share with me if there is way with javascript, php, or editing functions.php or .htaccess file to achieve this.
thank you for your response in advance
You can use $_SERVER['HTTP_REFERER'] in functions.php
For example:
<?php
add_action('init','check_referrer');
function check_referrer(){
if( str_contain($_SERVER['HTTP_REFERER'], 'https://example-domain.com/'){
// do somthing
}else{
// do somthing else
}
}
?>

Can't pass my parameters in iframe

I have a parent page with a form in an iframe:
https://profiel.pelckmansuitgevers.be/?email=dennis#hybridmedia.be
All the fields of the form should be prefilled. But that doesn't work anymore.
If you add the email parameter to the url, this parameter is added to the source of the iframe.
But on my iframe, I cannot get the email parameter.
I'm doing this in the iframe:
var urlParams = new URLSearchParams(window.location.search);
if (urlParams.has('email')) {
var email = urlParams.get('email');
//all my code here...
}
It seems that urlParams is empty.
But when I open the page in incognito mode (chrome) and do a hard refresh, all the fields are prefilled. So it works in this case.
Does anyone know what the problem is?
Maybe that my script is trying to receive the email parameter but that this doesn't exist at that moment? Or something else?
Thanks!
You seem to have 2 problems :
1) your iframe is in a subdomain, and you don't send the email parameter in the iframe url. So some browsers like Google Chrome won't be able to access the email.
Sample code for solving this problem :
var loc = window.location.toString(),
params = loc.split('?')[1],
iframe = document.getElementById('updateform');
iframe.src = "https://pelckmans.houston-1.hybridmedia.be/update/pelckmansuitgevers/" + '?' + params + '&v=' + Date.now();
2) JS cache problems
You can solve this with changing
<script src="js/prefill.js"></script>
with
<script>document.write("<script type='text/javascript' src='js/prefill.js.php?v=" + Date.now() + "'><\/script>");</script>
in your iframe page https://pelckmans.houston-1.hybridmedia.be/update/pelckmansuitgevers/
This problem happens often when you develop JS and includes this in a .js file.
The browser caches the js...a way to solve this is for instance to add a timestamp after the js filename, or a version number like i did in my code.
You can find more ways to do this in this thread How to append timestamp to the java script file in <script> tag url to avoid caching

Refresh the page with javascript and GET variables

<script type="text/javascript">
var email = document.write(localStorage.getItem('email'));
var pass = document.write(localStorage.getItem('pass'));
var url = document.write(document.URL);
document.location.href = url+"?email="+email+"&pass="+pass;
</script>
But when I enter the page I left the url like this:
http://example.com/undefined?email=undefined&pass=undefined
Not happening ... Anyone know the problem? Thank you very much!
Well, what's up with document.write(…) in here? You don't want to print out anything:
var email = localStorage.getItem('email');
But if you want to print out the values for testing:
var email = localStorage.getItem('email');
document.write(email);
(See also console.log(…))
You should escape the parameters using encodeURIComponent(…):
location.href = url + "?email=" + encodeURIComponent(email) +
"&pass=" + encodeURIComponent(pass);
Also you should not use document.write anyhow. There are plenty more reasonable methods to change the content dynamically on you website.
You should not send a password using GET requests, as they will appear the browser, proxy and server logs. Use POST requests through invisible forms.

add page title to javascript code

I have this javascript snippet which passes an id and the reffering page to a php page where i then collect the ip address, what i wanted to do is also capture the page meta title and also forward that to the php page. However i am very new to javascript and not sure if it is possible.
Any suggestions would be appreciated below is my javascript code, thanks.
var track = new Image();
track.src="http://testsite.co.uk/~vtrack/track/track.php?id=801003&self=" + document.referrer;
track.src = "http://testsite.co.uk/~vtrack/track/track.php?id=801003" +
"&self=" + document.referrer +
"&pageTitle=" + document.title;
document.title = `Your Title goes here`

Create a 'send to Delicious' bookmarklet with custom tag

I've created a javascript bookmarklet that gets the current page's title and URL, using the following code:
//Check to see if jQuery is already loaded
if (typeof jQuery == 'undefined') {
var jQ = document.createElement('script');
jQ.type = 'text/javascript';
jQ.onload=runthis;
jQ.src = 'http://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js';
document.body.appendChild(jQ);
} else {
runthis();
}
// main Javascript function
function runthis() {
title = document.title;
url = document.URL;
tag = "customTag";
alert("Added to paperclip: Page Title: "+title+" | URL: "+url);
}
I now want to take that info and add it as a bookmark on my Delicious account. How do I go about this with Javascript/jQuery? I've taken a look at the API documentation but am having trouble getting my head around it (completely new to this, and OAuth makes my head spin), and can't find any full code examples to tinker with.
Would really appreciate any help/examples.
Edit:
You may want to look at this previous question. - "I want to create a Delicious bookmarklet in Firefox that bookmarks the current page with a predefined tag."
Well, an example that does exactly what you want by using a bookmarklet in your browser's toolbar is the delicious bookmarklet. It gather information from the page, displays the info in a popup, allowing you to edit it, and then stores it to your account:
http://delicious.com/help/bookmarklets
javascript:(function(){
f= 'http://delicious.com/save?url='
+ encodeURIComponent(window.location.href)
+ '&title='+encodeURIComponent(document.title)
+ '&v=5&';
a=function(){
if( !window.open(
f + 'noui=1&jump=doclose',
'deliciousuiv5',
'location=yes,
links=no,scrollbars=no,
toolbar=no,width=550,height=550'))location.href=f + 'jump=yes'
};
if(/Firefox/.test(navigator.userAgent)){
setTimeout(a,0)
} else {
a()
}
})()
If you use your Yahoo ID to log in, you do have to use OAuth, but if you don't, you can use the V1 api like this (from this page, worked for me in Chrome):
javascript:(
function()
{
location.href = 'https://user:pwd#api.del.icio.us/v1/posts/add?url='
+ encodeURIComponent(window.location.href)
+ '&description=' + encodeURIComponent(document.title)
+ '&tags=obvioustesttag';
}
)()
Make sure to search your tags for "obvioustesttag" since it doesn't show up in the chronological list immediately.
Try to create a regular login or new account if you currently use YahooID to sign in, otherwise, you'll have to deal with OAuth.

Categories