How to store cookies in crossdomain operation of Javascript? - javascript

I want to develop a small javascript tool for browsers.
This tool can extract some content from current webpage and submit it to another site.
The whole work flow is divided into 3 stages.
The first stage is to extract content from current page.
The second stage is to log in. The user needs to enter their username and password in a login form.
The third stage is to submit the content abstracted from the first stage.
My problem is that the third stage needs the cookie from the second stage.
I have tried iframe, but failed.

Cookies need to be, at least, on the same top domain and the cookie set to be visible up to the top domain. If you are on another domain, this is not a viable option.
Another way you can pass data is via a form submit. Assuming you are on a page on a foreign domain, using this technique, you can have your script build a login form that submits to your site, along with the data you gathered. It also means the 2nd and 3rd step is merged. No cookies needed.

Related

React ask user to fill a form on external site and get back

I have a react app. I need to send a user to fill a form(s) on an external page (in another domain), and then get back with the result (success/fail) of the form submitted there, to continue the process in my react app.
I don't control the other domain or the app there (it is a 3rd party), but I can ask them to make changes (and maybe they will agree, if it is not too complex).
The external forms are not html only, trey have javascript in them as well (for example to autocomplete cities names, etc).
How can that be achieved?
I thought about few options:
Iframe + postMessage
Popup + postMessage
Redirecting, and asking them to change site so they will redirect back to me on form completed.
Asking them to make a special form just for me that I can embed inside my design.
Issue with 1,2,3 is that it will show the entire external page, which has not just the form, but also other links, so user can get "lost" and never come back.
Is there a simpler way to do that? The less I need to rely on them to make changes the better, and if I can avoid iframe/popup/redirecting and show the form inside my app is better

PHP passing session id between different devices

My problem is simple.
I have two users on two different devices accessing the same servers pages (page 1 and page 2 respectively ).
I want to use php forms in one page to change the second users page.
(i.e. 1st user on page 1 presses a button and changes the image on 2nd users page 2 , on a separate device).
I thought I could do it by using the 2nd users session ID in the form on the 1st persons page, and fool the server to reload the 2nd users page with the updated info.
But i can see no example of it anywhere on the web. Is this possible or should I just use Ajax?
Thanks for any help.
I would suggest not hacking Session ID's like that, they're meant to identify a single user.
If you want data shared between users it's likely you'll be well served using a database, such as MySQL as commonly runs along PHP.

Using cloudflare to cache dynamic pages

We have a number of pages where the only dynamic content is the user info (Name, profile link, # of items in shopping bag) which is at the top corner. These pages can take upto a second or more to load sometimes.
We are thinking of changing the pages so that the entire HTML page is cached using Cloudflare, then when it's displayed, JavaScript will check for the presence of a cookie name "Username" and "CartCount" and update the profile accordingly, or if the cookie is not available, show the customary login icon.
Is this method feasible and are there any security precautions that need to be taken?
Not only it's feasible, it's actively used by some of the big websites - eg. Airbnb, TripAdvisor.
You may notice that if you open these websites (and many others) at first it looks like you are not logged in, and then later DOM updates with your user name.
The only issue I see is CSRF tokens - if you cache the pages, your tokens will be outdated and not longer useful. You will have to turn off CSRF checks for your AJAX requests and sign in page.

Is it possible to collect data from one page and autofill it onto a form on a different site using JS/jQuery?

A site I am working on requires user information to be collected from a form when the user presses the submit button. The site will then take the information and plug it into a more robust form on a different page, so the user does not have to retype the information twice.
Is this possible using javascript?
Any help appreciated.
Once the user leaves the current page, the JavaScript on the original page is no longer running, They will load up the other page and run that page's JavaScript.
Do you have ownership of both pages?
If so, then you can leverage the form GET to pass information across pages, so the next page will have a Query string, and JavaScript can parse that.
Another way to move data from one page to another is to use Cookies. So it really depends on how much data you want to move around.
But I highly recommend that you leverage the server-side technology to handle the form GET or POST and carry information across pages.
This completely depends on the OTHER site. You can have a form with the same field names and post it to the same URL the other site's form uses.
BUT - if that site checks to see where the original post came from, it may block you out.

Save state of view of page in grails

I have a page that is generated from a bunch of grails templates being rendered, with javascript widgets and stuff, that specify parameters for a search engine we are developing. The problem is, if someone clicks on a person returned in the search results and it takes them to another page, and then they hit the browser back button, the search parameters and dynamically created widgets and previous search results are all gone.
I dont really want to have to programmatically re-build the page based on the search parameters (which I can save as a session variable), and I would then have to re-run the search query again to get the results back. is there a way to save a page just as it was created?
Thanks
Popup a javascript window with information about that person instead of taking them to another page. In the worst case set the target of the person link to _new and that will force open a new browser window/tab.
At some place the search parameters have to be saved. Either on server or client side. On the server side you only have the options session or flash scope.
On the client side you could store those values in a cookie. This needs some bits of javascript.
However theoretically the browser will keep manually changed form field-values out of the box. He is identifying the form fields by its name/id. It should not be necessary to do any programmatically things, except if you are loading some parts of the page via AJAX. Maybe you can doublecheck, that the input fields have static name/id pairs or you have some meta/cache/html settings, which prohibit such mechanism (double check, that your form does not have autocomplete="off" setting set. This will prevent the browser to refill your form fields.
Grails itself does not offer things like you need out-of-the-box (and I do not know if other frameworks have - maybe except for Seam, which has a concept of conversation scope; but even this feature will not work out-of-the-box if the user uses the browser back button). The easiest way is to make your search page some kind of cacheable (for the browser, by settings HTTP-headers or meta tags), so that the browser is not trying to reload the page from the server again, if the user presses the browser back button. And double check the autocomplete="off" setting.

Categories