Welcome to WebmasterWorld Guest from 3.227.233.6

Forum Moderators: open

Message Too Old, No Replies

Knowing the inside of a frameset

     
6:19 pm on Aug 6, 2016 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Dec 15, 2006
posts: 201
votes: 26


I want to have an outer frame that is static and an inner frame people will use to browse the web.

Is there any way to know the url of the inner frame when people click on a link and pass it to my server?
6:57 pm on Aug 6, 2016 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 29, 2005
posts:10120
votes: 1004


Are you using a true frameset , or an iframe pretending to be one?
7:01 pm on Aug 6, 2016 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Dec 15, 2006
posts: 201
votes: 26


I was planning to use an iframe. But I would use either to get the job done. I basically want to have a page that avoids certain sites (for example malware). When a user visits a site (using the inside frame) the url would be checked against a database of urls and if found the user would be redirected to an alternate page.
9:48 pm on Aug 6, 2016 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:2091
votes: 370


I don't think so. Browsers have cross site scripting (XSS) protection measures to prevent you from doing something like that. To combat malware, ironically, and phishing in particular.
1:00 am on Aug 7, 2016 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Sept 26, 2001
posts:12913
votes: 893


Browsers have cross site scripting (XSS) protection measures to prevent you from doing something like that.
Can't that be controlled with a cross-domain-policy file (crossdomain.xml)?
1:10 pm on Aug 7, 2016 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:2091
votes: 370


Can't that be controlled with a cross-domain-policy file (crossdomain.xml)?

Only if you have control over the (target) domain, and in this scenario users will freely "browse the web" from the inner frame.
7:40 pm on Aug 9, 2016 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Dec 15, 2006
posts: 201
votes: 26


Is there any way to accomplish something like this or fairly similar using a different technology. All I can think of is writing a browser which is fairly non trivial to say the least.
9:48 pm on Aug 9, 2016 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 25, 2005
posts:2091
votes: 370


How about a browser extension?

You could also run all traffic through a web proxy.
11:28 pm on Aug 9, 2016 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Dec 15, 2006
posts: 201
votes: 26


The web proxy is an interesting idea. I have used web proxies but I am not too familiar with them.

If I ran a web proxy could I do a domain redirect when they hit a flagged site.
2:27 am on Aug 10, 2016 (gmt 0)

Full Member

10+ Year Member Top Contributors Of The Month

joined:Dec 15, 2006
posts: 201
votes: 26


Hmm after doing some research I think I am not interested in the web proxy method. It would solve the problem. I actually got the code to set one up. But after some more research it seems there is some liability in running a proxy depending on what users of your proxy do.