Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 14 of 14
  1. #1
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Simple JS function doesnt work all the time?

    Hi,

    Im working on project that needs to pass the entire content of an iframe to PHP. I am trying to do this with javascript:
    Code:
    <script type="text/javascript">
    function transfer()
    {
    w =	document.getElementById('inline').contentWindow.document.body.innerHTML;
    document.getElementById("src").value=w;
    }
    </script>
    The script reads the contents of the "inline" frame, and sets the textarea "src" to have that value.

    The issue is that when I call transfer() and frame "inline" is set to "http://localhost/", it works fine and dandy.
    If I use any other external site, it doesn't work.

    Any problems you can see?

    Thanks

  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    And it won't work.

    Browsers enforce what is known as the "same origin policy".

    JavaScript can *NOT* read any information from any source that is not served up by the same server that the original page came from.

    This is done specifically to protect users from malicious JavaScript that is included from other sites, such as from ads via <iframe>s and the like.

    There is a way around this FOR YOUR OWN COMPUTER ONLY, but not for any code that will be published on the internet.

    There are also ways around this using server side code. Something as simple as a proxy server, for example, can allow you to *look* like you are doing this.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #3
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Looks like I've answered my own question, JS is throwing a permission denied error when I try to the body of the other frame.

    So moving on, is there any way (with javascript or anything else) to copy the source of another frame, and post it to PHP?

  • #4
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    Or do it the other way around.

    As I said, use a PHP-based proxy server.

    It can be as simple as this:
    Code:
    <?php
    $url = $_GET["url"];
    echo file_get_contents("http://" + url );
    ?>
    Name that PHP file "proxy.php".

    And then you could do something like
    Code:
    <iframe src="proxy.php?url=someothersite.com/somepage.html"></iframe>
    And now the JS code in your main page can read anything it wants in the iframe.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #5
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Will try.
    Last edited by swraman; 05-07-2013 at 06:31 AM.

  • #6
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    I don't use PHP, but I read the PHP docs and gave that answer to somebody last week. They tried it and said it worked great.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #7
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks - gettin closer...

    But as soon as I click on a link in the iframe, it loads a page from the external site and it is no longer a page I have access too. For my purposes I would have to login to the site in the iframe, so clicking links is a must.

  • #8
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    So use JavaScript code to FIND all the links in the <iframe> and change them!

    That is, if a link in the <iframe> looks like:
    Code:
    <a href="somesite.com/foo.html">
    use JS to change the href to
    Code:
    <a href="proxy.php?url=somesite.com/foo.html">
    Finding all links (and all <form action=> if there are any) is pretty trivial with JS code.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #9
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    You could also make those changes in your PHP code, but it's almost surely easier to find the needed urls with JS coding.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #10
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Google has convinced me that what I want to do is not possible.

    I can't just replace the URLs, as PHP would need to pass post vars and store cookies, which file_get_contents() can not do/

  • #11
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    Ahhh...yes, that is a different proposition.

    It *could* be done, but it would take a moderately complex bunch of PHP code to do so.

    Yes, PHP can "spoof" cookies and can post data on your behalf, but then you still have other problems to contend with. Such as spoofing the HTTP_REFERER. And more, depending on how strong the protection is on the site you are trying to spoof.

    Needless to say, what you are trying to do is what most sites (especially Google, by the by) are doing their best to prevent.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #12
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Yep, I am fairly competent in PHP and know there are certain plugins that are meant to do this. But looking at the site I am trying to access I think it will be very difficult.

    Thanks again for the help

  • #13
    New Coder
    Join Date
    Jul 2008
    Posts
    17
    Thanks
    1
    Thanked 0 Times in 0 Posts
    I guess I have a solution...not a "real" one but for my purposes...

    my applet will only be used my myself and a couple others so I will just have all of us disable the cross origin policy in our browsers.

    Thanks again

  • #14
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,553
    Thanks
    78
    Thanked 4,382 Times in 4,347 Posts
    Yes, that's pretty easy to do with Chrome.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •