Trying to open a URL in iframe - javascript

I have two iframes in a HTML page with 50% of the screen shared by both.
In the first iframe http://www.google.com is opened and in the second iframe http://www.nytimes.com is opened.
On Page Load, the page is automatically redirecting to http://www.nytimes.com.
What could be the problem for this?

Most likely, the nytimes.com home page has framebuster script on it.

Their home page include this JS file which contains the following code:
(function() {
if (window.self != window.top && !document.referrer.match(/^https?:\/\/[^?\/]+\.nytimes\.com\//)) {
var expTime = new Date();
expTime.setTime(expTime.getTime() + 60000);
document.cookie = "FramesetReferrer=" + document.referrer + "; expires=" + expTime.toGMTString() + "; path=/";
top.location.replace(window.location.pathname);
}
})();
This cause the behavior you see.
To protect against this, see the following question here: Keeping pages inside an iframe

Simply because nytimes.com dislike frames and wants to use all of your browserspace.
Why would you ever make a site like that anyway?

i am guessing that you mean that the iframe container is being redirected. maybe you want to check for some sort of iframe inclusion detection. take a look at: From the server is there a way to know that my page is being loaded in an Iframe

Check this out OWASP - ClickJacking
Only for Chrome
<iframe id="my_frame" sandbox> </iframe>
Works great for me ... :)

Related

How to do a page redirect using javascript?

I am currently using this code which is working great except for iframes :
var domains = ["domain1.com", "domain2.com", "domain3.com"];
if (domains.indexOf(document.location.hostname) == -1 && document.cookie.indexOf('redirected=1') == -1) {
document.cookie = "redirected=1";
window.location.replace('http://domain1.com');
}
alert("Join our main website ==> http://domain1.com");
but when my website is iframed in other sites the code doesn't work, and if i use window.location.open or window.location.href it will be blocked by popup blockers.
is there another way to do a redirect or a page open without being stopped by popup blockers or just a redirect that can redirect the whole page that has the iframe to another page ?
Thanks in advance.
-tool
You can use the "top" property of window to access the parent window,
like:
window.top.location="http://domain1.com";
Try an approach with creation of meta tag:
<meta http-equiv="refresh" content="5; url=http://example.com/;">
Or in case domain in urls of your iframe it is possible to access the parent document and hence update the iframe's src.

Detect window close command from child (iframe)

I have an iframe in my html page from another website.
User does something in that iframe, and then the page closes itself. (that page isn't for me, I can't change the functionality of that)
I want my html page to detect this close command from child and then, change visiblity of the iframe to false.
How to do that??
Save the current location and use use setInterval to start the loop.
var startingLocation = document.getElementById('myIFrame').location;
setInterval("checkChildLocation",1000);
function checkChildLocation() {
if(document.getElementById('myIFrame').location != startingLocation) {
/* the iframe has changed */
}
}
Or something like that.
I believe this violates the cross origin policy, and cannot be accomplished. Have a look at:
https://developer.mozilla.org/en/Same_origin_policy_for_JavaScript
http://en.wikipedia.org/wiki/Same_origin_policy

How to force an iFrame to reload once it loads

I have numerous iframes that load specific content on my pages. Both the parent and iframe are on the same domain.
I have a scrollbar inside the iframe that doesn't seem to load correctly in all browsers. But when I refresh the iframe it loads perfect. I have no idea why it does this.
I have used the meta refresh, which works but I don't want the page to refresh constantly, just once.
The solution I'm looking for will reload the iFrame content after the iFrame is opened, with a minimal delay.
Edit
I realized that my page loads all of my iframes when the index is loaded. The iframes appear in a jQuery overlay, which is also loaded but visibility:hidden until called. So on this call is when I would want the iframe to be reloaded.
Could anyone help me come up with a Javascript function that reloads the iFrame when I click the link to the iFrame? I've gotten close but I know nothing about js and I keep falling short. I have a function that reloads the page, but I can't figure out how to get it called just once.
I have this so far:
<script type="text/javascript">
var pl;
var change;
pl=1;
function ifr() {
if (pl=1) {
document.location.reload([true]);
alert("Page Reloaded!");
change=1;
return change;
}
change+pl;
}
So basically it uses the document.location.reload which works to reload the page. I'm trying to then make pl change to something other than 1 so the function doesnt run again. I've been calling this JS from the body with onLoad.
All the leads on this went dead, but I did find a code snippet that worked. Not written by me, and I don't remember where it came from. Just posting to help someone should they ever have the same question.
<div class="overlay-content"> //Content container needed for CSS Styling
<div id="Reloader">
//iFrame will be reloaded into this div
</div>
//Script to reload the iframe when the page loads
<script>
function aboutReload() {
$("#Reloader").html('<iframe id="Reloader" height="355px" width="830px" scrolling="no" frameborder="0" src="about.html"></iframe>');
}
</script>
</div>
Basically just loads the iFrame source when the window with the iFrame opens, as opposed to the iFrame loading when the original page loads.
Beyond the scope of the original question, however this jQuery snippit works with cross domain iframe elements where the contentDocument.location.reload(true) method won't due to sandboxing.
//assumes 'this' is the iframe you want to reload.
$(this).replaceWith($(this).clone()); //Force a reload
Basically it replaces the whole iframe element with a copy of itself. We're using it to force resize embedded 3rd party "dumb" widgets like video players that don't notice when their size changes.
On the iframe element itself, set an onload:
iframe.onload = function() {this.contentWindow.location.reload(); this.onload = null;};
(Only works if the iframe's location is in the same domain as the main page)
Here's a complete solution to the original question:
<iframe onload="reloadOnce(this)" src="test2.html"></iframe>
<script>
var iframeLoadCount = 0;
function reloadOnce(iframe) {
iframeLoadCount ++;
if (iframeLoadCount <= 1) {
iframe.contentWindow.location.reload();
console.log("reload()");
}
}
</script>
The updated question is not really clear (what's "the link to the iFrame" and where is it in your snippet?), but you have a few issues with the code:
"calling this JS from the body with onLoad", assuming you mean an iframe's body, means the variable you're hoping to use to avoid infinite reloading will get clobbered along with the rest of the iframe's page when it's reloaded. You need to either load a slightly different URL in the iframe (and check the URL on iframe's onload before reloading) or put the flag variable in the outer page (and access it with parent.variableName - that should work I think)
if (pl=1) { should use ==, as = is always an assignment.
change+pl; has no effect.

How can i remove the http header referer informations(saved by browser) using javascript?

For example, there is a "Link" called go to view at the bottom of the my page, which is redirecting to http://localhost/test.php.
If we use $_SERVER['HTTP_REFERER'] in test.php page it will display the url of the page from which link was clicked.
The problem is this: my URL can be seen at the target page. This needs to be avoided. How can i do this using javascript?
When JavaScript gets to it, it is too late. Plus JavaScript can not do it.
There is no cross-browser solution. For example this code works in Chrome, but not in FF:
classic html link<br/>
js trickery
<script>
function goto(url) {
var frame = document.createElement("iframe");
frame.style.display = "none";
document.body.appendChild(frame);
frame.contentWindow.location.href="javascript:top.location.href = '" + url + "';";
}
</script>
There are third party solutions. You can find any number of them by searching "referer hide" or "refer mask" with you favorite search engine. - Some of them look sady, so try to find a trustworty one.
On the other hand. This is part of Internet culture. Referers can be used for valuable statistics for example. And if your website is in a crawler's index, they can find the link anyway.
Check http://www.referhush.com/
As sentence on this site says :"Webmasters can use this tool to prevent their site from appearing in the server logs of referred pages as referrer."

force left (nav) frame when show some pages

I've an old website, navigation in an frame at left, pages at right.
I want when an page is url'd directly the nav (left frame) shows also.
Until now I was an js working, but I don't know from when it are not working,
now returns this message:
Forbidden
You don't have permission to access /master.html on this server.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.10 (Unix) mod_ssl/2.2.10 OpenSSL/0.9.8i DAV/2 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at www.cpis.es Port 80
The code I was using is
http://www.webmasterworld.com/forum21/1205.htm
Call this javascript code from the HEAD section of each child page. The code creates a variable from the URL of the page, and then passes that variable in the new location's URL. This means a "master" frameset can load this exact page in the content section:
<SCRIPT LANGUAGE="JavaScript">
passpage = document.URL
if (top.location == self.location)
top.location.href="master.html?" + passpage
</script>
Then create just one "master.html" page. It holds the JavaScript code to decipher whatever URL is passed after the "?" and it writes that page into the content frame:
<html>
<head>
<title>Master Frameset</title>
</head>
<script language="JavaScript" type="text/javascript">
origURL = parent.document.URL
contentURL = origURL.substring(origURL.indexOf('?')+1, origURL.length)
document.write('<frameset cols="20%,80%"><frame src="leftnav.html" name="nav"><frame src="' + contentURL + '" name="content"><\/frameset>')
</script>
</html>
Thanks, Guillermo.
Sorry for delay.
Looks like the problem is in this little peace of javascript:
passpage = document.URL
if (top.location == self.location)
top.location.href="master.html?" + passpage
It should be:
passpage = window.location.pathname;
if (top.location == self.location) {
top.location.href="master.html?" + passpage;
}
You have to change that code in each page which you have in the link list. I think that should fix the problem.
I just checked the website and it seems to be working now. My guess is that there was no file located at http://www.cpis.es/master.html on server.
If the problem still exists please provide steps so we can reproduce it and see what went wrong.
Thanks Maiku Mori,
in order to properly test the problem please do the next:
go to www.cpis.es
click the second option in the menu (CoPrint)
ok, you see the leftnav + the page
now go directly to the page
go to www.cpis.es/coprint.htm
error, you got the forbidden page.

Categories