I believe it should be possible to retrieve information from another page as long as it's from the same domain right? There are some information that I would like to retrieve from this page, and to display it on another Wikia page. (So that the information can update on its own regularly).
Unfortunately, I cannot identify which specific id do I need to retrieve on the Wikia WAM page. I simply don't know how to retrieve the Rank/WAM Score information. Since the WAM Score/Rank updates regularly, the arrow image also changes depending on whether you rose or descended in your rankings. This is why I would like to pull the data from the page so that it can update regularly without having to do it manually.
Is there a way to do this using javascript?
P.S. I apologize for the inconvenience, and to have asked without much knowledge on programming (I only know basic javascript).
I believe it should be possible to retrieve information from another page as long as it's from the same domain right?
The same origin, which is about more than just domain. This is defined by the Same Origin Policy.
The two pages you asked about are on different origins, http://www.wikia.com and http://asphalt.wikia.com, because the hosts are different even though the TLD is the same. So you won't be able to use ajax to retrieve information on one from the other unless the one you're trying to get the information from shares it with the one you're trying to get it on via Cross-Origin Resource Sharing and you're using a browser that supports it.
If it does support CORS, yes, you can use ajax to query the content of the page, parse it, and extract the information you need.
If not, you might look at using YQL as a cross-origin proxy. Basically that's calling a Yahoo service that uses a server to get the page (so the SOP doesn't come into it), parses it for you, and lets you query against the parsed results.
Related
I was wondering if there's a way to add html to a webpage (from another domain) before displaying it in a iframe. Basically my idea is to make a website that allows the user to type in a website and choose or add things to the page, like copy a yahoo anwsers page and still have it function (so javascript and all still works) but the background has changed or a button that does a specific thing to the page has been added in. So far I keep running into cross domain policies and I have no idea how to get round these.
No, you cannot, this will be a massive violation of information security codes.
Imagine if someone could access your code, js and html and just alter it and access your information.
even worse, if you have sensitive information stored in the client code (you shouldn't but lets imagine), everyone across the web will have access to that information.
Displaying the webpage is one thing, you have api's for this sort of things (for example, google, twitter, facebook api's) and you pay for them too.
The reason you are running into cross domain policies is because you are not allowed to make that request. Not by JsonP and not by CORS Requests.
If you want access, look for a proper api.
For beginners, here is the Yahoo Api (Yql)
And here is it's Terms of use
Read them before you continue.
You can't do that because, if you could, an attacker could use this to exploit referred page.
Source: https://developer.mozilla.org/pt-BR/docs/Glossary/Cross-site_scripting
This may be a bit of a tricky one (for me at least, but you guys may be smarter). I need to capture the timestamp of exactly when a reader clicks a link in an email. However, this link is not a hyperlink to another webpage. It is a link formatted as a GET request with querystrings that will automatically submit a form.
Here is the tricky part....The form processing is not handled by PHP or .NET or any other server side language. It is a form engine that is hosted and managed by a cloud based marketing platform that captures and displays the form submission data (So i have no access to the code behind the scenes).
Now, if this wasn't an email I'd say it is simple enough to just use Javascript. However, javascript doesn't work so well with email, if at all (I'm just assuming there are some email clients out there that support javascript).
How would you go about capturing the timestamp for when the link is clicked without using any type of scripting? Is this even possible?
The best solution i could come up with was to have the link point to an intermediate page with javascript to capture timestamp and then redirect to the form submission. Only problem with that is that it will only capture timestamp of page load and not of the actual click activity.
There is no way to do what you want "without any type of scripting". If no scripting is done, no functionality may be added or changed.
The best option is the very one you suggested: use an intermediary page that records the request time. Barring unusual circumstances (such as a downed server), the time between a link being clicked and the request reaching the server will be less than 1 second.
Do you really need a higher resolution or accuracy than ~1s? What additional gain is there from having results on the order of milliseconds or microseconds? I can't imagine a scenario in which you'd have tangible benefits from such a thing, though if you do have one I'd love to hear it.
My initial thought was to say that what you're trying to do can't be done without some scripting capability, but I suppose it truly depends on what you're trying to accomplish overall.
While there is ambiguity in what you're trying to accomplish from what you have written, I'm going to make an assumption: you're trying to record interaction with a particular email.
Depending on the desired resolution, this is very possible--in fact--something that most businesses have been doing for years.
To begin my explanation of the technique, consider this common functionality in most mail clients (web-based or otherwise):
Click here to display images below
The reason for this existing is that the images that are loaded into the message that you're reading often come from a remote server not hosted by the mail client. In the process of requesting that image, a great deal of information about yourself is given to that outside server via HTTP headers in your request including, among other things, a timestamp for the request. Thus the above button is used to prevent that from happening without your consent.
That said, its also important to note how other mail client providers, most notably gmail, are approaching this now. The aforementioned technique is so common (used by advertisers and by other, more nefarious parties for the purpose of phishing, malware, etc) that Google has decided to start caching all mail images themselves. The result is that the email looks exactly the same, but all requests for images are instead directed at Google's cached versions.
Long story short, you can get a timestamp to note interaction with an email via image request, but such metric collection in general, regardless if its done in the manner I've outlined, is something mail clients try to prevent, at least at some level.
EDIT - To relate this back to what you mention in your question and your idea of having some intermediary page, you could skip having that page and instead you would point an image request towards a server you control
I have a service that I provide to different websites. For the website to use the service they implement a javascript that triggers a lightbox with a iframe in it.
The problem is I don't want any website to be able to use the service/iframe. Is there any way I can authenticate the websites using the iframe?
The way I see it, a random website can just take the javascript from a website using the service/iframe and implement it on it's own website.
Authenticating the actual users inside the iframe is no problem, there will be a login form and a register form. It's just the websites using the iframe I want to identify and authenticate.
Any suggestions is appriciated!
You could check document.referrer in JavaScript, and if the referring domain is not within a whitelist you provide (or the referrer is empty), don't display content at all.
But we all know how unreliable the referrer is, and it might exclude users even under wrong conditions.
Another way would only work it the sites embedding your iframe have server-side scripting and so can calculate some kind of hash - f.e. the hash of the current date and a secret keyword - and pass it as a GET parameter in your iframe URL. In your script, you check if the given value is the same as the hash you create with the same data - and display content based on that or not.
Using the current date could be problematic though if time zone settings for your server and the other site are different, and it might also break when a user calls the page around midnight. To prevent such problems, you could have the remote sites include the unix timestamp value used to create the hash as GET parameter as well - then you can check if that timestamp is not to old, and create the hash with that exact value. (Then other sites might try to just copy the parameters and use them on their page as well, but it will only work for a small time window.)
I'm trying to make a sort of map with data that overlays based on what a user selects. Currently, I just have the image on the same page shrunken, but it's rather hard to read. I was thinking I could have the entire image in an iframe and just have the user be able to scroll around the map, but Im not sure if I can use the javascript between the two pages. Would it be possible or do I have to figure out another way to get a full size image?
http://xicorp.webs.com/airlinemap.html
If the two pages are on the same domain, then you will be able to transfer information between them. If not, there are still ways to transfer JSON data between domains (using JSONP) but it will be much harder.
Yes you can. In fact, you can call functions in one javascript file that only exist in another (provided you add them in the right order).
If you aren't in the same domain, you can use JSONP to freely send cross-domain requests back and forth.
jsonp with jquery
is there a function in ColdFusion that detects whether or not a browser window is the top window? (Similar to (if (window == window.top)) in JavaScript)
The reason I ask is because I would like to make certain page elements present when the page is directly accessed by the user, and not present if my page is iframed.
CFML code runs on the CF server, whereas any considerations about browser windows obviously run on the client. CF is completely unaware of the UI configuration of the client system, all it sees is "a request". Indeed the requests don't even come from the client, they come from the web server which acts as a go-between for CF-serviced requests: CF has no interaction with the client itself.
The only information the web server gives to CF that in any way relates to the client browser is some of the stuff in the CGI scope, and obviously that's limited. And none of it relates to the configuration of browser windows / iframes.
You will need to solve this with Javascript (which I will add to the tags of your question).
To trigger different code to execute on CF given a certain browsing situation, you are going to need to use Javascript to add some information to the request to identify the situation to CF. This could be adding a parameter on the query string, or something like that.
If someone was 'wrapping' one of my products I'd want to know who and how so I could improve the experience for the user and the site owner. With that in mind, what I would do is automatically break out of any frames by default. I would then create a simple api and provide instructions to other webmasters on the proper way to include your content. Display different content once you've determined if your content is PROPERLY being included in another site. For webmasters that want to include your content:
Provide recommended height/width for the iFrame so you can
include your logo or ads with the content.
Provide anything you want them to include in the query string to help track usage.
You could even add fun stuff to your api to make your content look more integrated into the including website like reacting to url.bgcolor or url.bgimage.
You could go as simple as looking for and recording the value of some url variable like url.remoteSiteAddress or as complicated as registering the site and providing unique key. Of course there are other considerations to take into account to enforce the key. Being that you don't really care that the content is being displayed on a remote site, I suspect just recording a simple url variable is more your speed.
If a different website is putting your page in an iframe on their website, then you could use the CGI.HTTP_REFERRER variable to check if the website domain is yours or not, and load content as desired.