Cross site scripting forms - javascript

I want to help fill forms for my users with default values on other pages.
To do that I would like to show another page (from different domain) in an iframe and insert there default values when needed into fields.
But it is not possible because of cross site scripting protection.
I have checked http://sourceforge.net/projects/poxy/ and it almost works to view page through proxy but unfortunately not always. Is there another way to do that? Ie.
How to connect to fields in the iframe? Is it possible?

AFAIK, You cannot access fields from another page like iframe. If you want to fill form by using JS, you can try to write Bookmarklet for your browser. That's a bookmark which executes javascript on current page.

Related

How to run JavaScript and click button

I have the next task - I have a page where we have some interaction logic:
After a user clicks a button, my script redirects the user to another site where it must be populate 2 textfields then click button, after redirect to new page it must click on another button.
My project is based on ASP.NET MVC4.
My questions are:
May I do all of this?
If yes, how can I redirect to another page and run my script
P.S.: Second web site isn't my site and everything I know is id of buttons where I need to click.
Elaborating on my comment
You cannot do this in a normal browser. You could write a bookmarklet or two that would navigate and click but there is no script you can write in a web page that will do what you want for security reasons. A long time ago, it was possible in IE to load a banking site into an iFrame and script and monitor user interaction to steal credentials. This has been blocked.
If you save an HTML page with the extension HTA, it can be loaded from harddisk in windows and will have relaxed security so you could load the other site into an iFrame and script the interaction. This is likely not what you want.
The last method is to use for example CURL to get the foreign page, insert stuff and submit the form to the foreign site and return the result. This is not recommended either.
So the question to you is: Why do you need this and are there other ways to do what you want
1) location.href = "http://another.page.com"
2) impossible for security purposes

Pre-Fill html form using Javascript

I wanna know if it is possible to autofill an html form of a website (not local) using javascript, and if it is possible can you please put me in the right direction.
Edit : I have one mozilla extension that has some dropdowns, textareas ... from which i will get the data i want to put in the form.
Thanks.
JavaScript, running on a website, cannot cause a visitor's browser to go to another website and pre-fill a form there. This would be a serious security issue.
JavaScript running in a browser extension can, but the specifics depend on the specific type of browser extension. (i.e. Chrome Extensions and Greasemonkey extensions are different).
JavaScript running on a server (e.g. via Node.js) can go to another site and fill out a form there (e.g. with PhantomJS). It can't present the filled in form to the user without acting as a full proxy though.

Send Entire DOM through Bookmarklet

I have a site where I save URLs and I want to process and save the entire DOM (in case the site goes down -- I'll still have access to the content).
The current version of my javascript bookmarklet (which only saves the URL and Page title) has been submitting a series of GET variables to a PHP page. However this will not work for the entire DOM because there are URL limit constrictions (usually ~15,000 characters it seems).
I think that using POST would allow me to send more information but I believe that the browser will stop it because of XSS (cross site scripting) concerns.
Is there a way to send a large amount of data (15,000char+) from a javascript bookmarklet?
I'm happy to clarify!
create a form(in an iframe) -> set its values -> submit -> remove the iframe.
the reason for the iframe is so the page doesnt navigate away when you submit the form.
there wont be any permission issues.

Looking for a javascript that will force/redirect child page into iframe found in parent page

im new here new in programming. I hope you can help me :)
I am using Iframe for a project. Ive read about Iframes and I know its not the best choice.
Unfortunately I cant find another replacement for it and make it work the way I wish.
Here is my problem:
I have an index.html page, which holds a main Iframe. I have external links on same server, e.g page1.html page2.html page3.html.... what need is, prevent direct access to e.g page1 through search engines and load page1 content into index.html iframe.
I came across many scripts, redirecting to index.html and load child page into Iframe, the issue is about its ugly url link in the browser. e.g
""domainname/index.html?domainname/page1.html""
This bothers me because I need to access pages with simple url like e.g "domainname/page1" but if a user type it and click "go" it will convert to ""domainname/index.html?domainname/page1.html""
I found another choice, but I dont know how to implement it the way i need it, i.e access sub-domains with simple slash (domainname/content) here it the link:
http://www.hashbangcode.com/blog/using-jquery-load-content-page-without-iframe-536.html
Have you considered using a robots.txt file to instruct the search engine crawlers to ignore the pages? Saves you a lot of trouble and lets you build the site without such contrivances.
Have you checked out using robots.txt? This could be used to prevent browsers to avoid pages you do not wish to appear in search results.

Fill out form on websites from within code

I'm working with websites that have forms on their pages. I need to fill out the form and then submit it, using Javascript.
The problem that I'm running into is that if I make a GET request in order to get the HTML of the page, then I don't have access to the JS running on that page and therefore, I can't actually submit the form (since the page is not connected to the server). How would I be able get around this? It could also be that some pages aren't running JS, but are running PHP scripts instead.
You need a headless browser in this case. Here's one for .NET, if you can code C#, otherwise there are plenty of others for different platforms and languages.

Categories