vimeo / youtube 等如何在其 iframe 中获取引用 URL?

发布于 2024-10-05 08:29:49 字数 834 浏览 9 评论 0原文

对这个主题的大量答案和问题感到困惑。

现在,我接受安全 JS 情况不允许从 iFrame 到容器窗口/页面的跨域访问,但 Fragment IdentiferspostMessage API 的许多文章中引用的理想解决方案确实是莫名其妙。

我想做的是复制 vimeo 似乎已经取得的成果;他们的新 iframe 嵌入代码

<iframe src="http://player.vimeo.com/video/17263117" width="400" height="225" frameborder="0"></iframe>

使用 http://a.vimeocdn.com/js/player_combined .opt.js?8ba54 并且似乎能够从父加载页面填写 iframe 源中的引用网址。即 www.donkey.com/myvideo.html 被插入 http://player.vimeo.com/video /17263117页面。通常,对于 JS 上的安全块,使用简单的parent.location.href 是不可能的。因此,我对此进行了研究,并一直在进行一场真正疯狂的追逐,以找出如何做到这一点。

我试图理解他们的 JS 并使用 postMessage API,但没有任何东西可以展示。非常欢迎任何指导。

Baffled by the huge quantity of answers and problems on this subject.

Now, I accept the security JS situation disallowing cross-domain access from iFrame to container window/pages but the ideal resolutions cited in numerous articles of Fragment Identifers or postMessage API is truly baffling.

What I want to do is replicate what vimeo seem to have pulled off; their new iframe embed code

<iframe src="http://player.vimeo.com/video/17263117" width="400" height="225" frameborder="0"></iframe>

Uses http://a.vimeocdn.com/js/player_combined.opt.js?8ba54 and seems to be able to fill out a referrer url in the iframe's source from the parent loading page. I.e. www.donkey.com/myvideo.html gets inserted in the http://player.vimeo.com/video/17263117 page. Normally, with security blocks on JS this is not possible with simple parent.location.href. So, I looked into it and have been going on a truly wild chase of the goose to find how this can be done.

I've tried to understand their JS and played with postMessage API but haven't got anything to show. Any guidance is very much welcome.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

↙厌世 2024-10-12 08:29:49

它根本不需要从 源获取它(正如您已经注意到的,安全限制阻止了这种情况),它作为标头传递到服务器,并在中呈现页面由其服务器供 JavaScript 使用,请查看页面中定义的 options 变量。


让我们在这里举个例子: http://www.jsfiddle.net/nick_craver/FfuPk/

如果您查看对 http://player.vimeo.com/video/17263117 的请求,

您将看到引用网址已被传递:

Referer: http://fiddle.jshell.net/nick_craver/FfuPk/show/light/

在 iframe 加载的页面中的脚本块中,您将看到:

var options = {config: {
               //....
               "referrer":"http:\/\/fiddle.jshell.net\/nick_craver\/FfuPk\/show\/light\/"
               //....
              };

这就是它如何获取引用网址,最终从浏览器发送到的标头服务器。

It doesn't need to get it from the <iframe> source at all (security restrictions prevent this as you've already noted), it's passed to the server as a header, and it's rendered in the page by their server for the JavaScript to use, look at the options variable defined in the page.


Let's take an example here: http://www.jsfiddle.net/nick_craver/FfuPk/

If you look at the request to http://player.vimeo.com/video/17263117,

You'll see the referrer get's passed:

Referer: http://fiddle.jshell.net/nick_craver/FfuPk/show/light/

In a script block in the page loaded by the iframe you'll see:

var options = {config: {
               //....
               "referrer":"http:\/\/fiddle.jshell.net\/nick_craver\/FfuPk\/show\/light\/"
               //....
              };

So that's how it gets the referrer, ultimately from the header sent by your browser to the server.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文