I have two pages which live within the same folder,
1) index.php
2) test.html
On test.html, there is an iframe with index.php as the source.
However, I'd like to disable javascript access to index.php from test.html. In other words, index.php should act like its on a different domain, even though it is on the same domain.
How can I accomplish that?
most simplest way, is it possible for you to create a alias sub-domain pointing to your server? if so you can do that by doing following:
http://mydomain.com/index.php
and then call test.html by
http://myaliasdomain.com/test.html
See if this is possible or else we can think of different solution.
Related
I have a domain like mine.com which has a JS file on it (mine.com/some.js) and has an iFrame form (mine.com/form/) that people can submit. My clients put a link to the the JS file on their site (which itself injects the iFrame) such as <script src='https://mine.com/some.js'></script>) but since the JS file is still on MY domain, can I use that script to read the form's contents?
I understand that their domain cannot read the contents of the iFrame, but since the script itself is hosted on my domain is there a way to authorize this?
I have two websites. Domain.com and DomainTwo.com
Domain.com hosts all of the content and DomainTwo.com mirrors that content using a simple iFrame.
What I'd like to do is make it so if I link to "DomainTwo.com/folder/samplefile.jpg", the iFrame matches the URL and creates an iFrame for Domain.com/folder/sampelfile.jpg.
In other words, you wouldn't be able to tell DomainTwo.com is actually iframing anything unless you viewed the source code of the page.
Thank you!
Have you tried plopping the URI in your iframe src?
<iframe src ="http://Domain.com<?=$_SERVER['REQUEST_URI']?>">
in javascript it would be something like:
document.getElementsByTagName("iframe")[0].src = "http://domain.com" + location.pathname;
Of course clinking inside the iframe will not update the url. You'd probably be better of using wildcard domain, domain mapping, or whatever that's called.
I have two websites www.mywebsite.com and www.otherwebsite.com. I use iframe to redirect mywebsite.com to otherwebsite.com. Is there a to change the path of url on page change. For example when a link otherwebsite.com/contact.html is clicked the frame adds /contact.html to mywebsite.com making it www.mywebsite.com/contact.html. I tried adding the code below to the page but it doesn't seem to work on the frame.
history.pushState(null, "A new title!", "contact.html")
what you trying to do is not possible without a server side language (for example php).
this is because you need to define filename as a variable for your frame to load it with another site.
but you can do it at some static way like making the real contact.html and code it with a frame that shows contact.html for another side ... but i dont think that would be a dynamic way without any server side coding...
I have a local webpage (on my file system). I wish to load an iframe on the page that displays domain.com. I wish to change the iframe contents.
I can get access to domain.com and can get them to host a javascript file for me. So this should mean I do not run into the issue of same origin. It take ages for my file to get uploaded as it is done by a different team etc. My idea was on the server domain.com in my js file I could call another js file on myserver.com. Is it is being included in the domain.com js file it should work... well it doesn't.
Is this possible?
domain.com js file is as follows:
$(document).ready(function(){
$.getScript("http://www.myserver.com/my.js");
});
my.js on my server is doing
alert($("iframeID").contents().find('body').html());
It is returning null
If in my.js I do
alert('test');
Test is alerted to me.
The Same Origin Policy applies to the page sources, not the JavaScript. If your page is from one place (a file:// URL) and the other page is from another domain, then it doesn't matter where your script is hosted.
I'm not sure I got your scenario 100%. Correct me if I'm wrong:
You have a page with an iframe, and the iframe points to a page at domain.com
The page at domain.com attempts to retrieve your script from myserver.com, using $.getScript()
The script, when loaded, needs to modify the DOM on the page in domain.com (the one in the iframe)
The element iframeID in your code sample alert($("iframeID")... refers to the iframe on your page, where the page from domain.com is displayed
If this is correct, the issue is that the javascript executing inside the iframe on domain.com knows nothing about the iframe. It doesn't even know it is in the iframe. You can manipulate the page like any other HTML document, because the script is executing within the page in domain.com -- it doesn't matter where the script originally came from.
So you can print the body of the page in domain.com very simply:
alert($(body).html())
I have an frame that has a web application inside it. it expects that certain javascript functions will exist on the page that it can call. How can I inject these javascript functions into the iframe from my parent application?
Your question is a little vague on details, such as whether you control the content inside the iframe or not. But there are a number of ways to go about accessing/applying Javascript between frames.
In the page contained within the iFrame:
parent.FunctionName();
This will call a function that exists within your main page that contains the iframe.
Similarly:
YourIFrameName.FunctionName();
Will call a function in your iframe from the parent.
You can also package the needed Javascript functions into a .js file. And include them in the header of whatever page needs them (the iframe and/or the main page).
Include this in your <head>:
<script type="text/javascript" src="YourJavascriptFile.js"></script>
However, if you do not control the contents, and run into the same origin policy, you have two options:
1) Rethink your application.
2) A workable mess: You would need to
call a script from the iframe that
does some cURL type magic to pull the
page contents of the included web app,
inject the needed Javascript, and then
output the altered contents in a
meaningful way.
If you decided you need to go the route of #2, I can edit with more specifics.
As Robert mentioned, I think that violates the same origin policy in most (if not all) browsers.
Alternatively, instead of trying to inject the functions into the iframe, why not have the iframe content reference them directly from the iframe's parent?