滚动包含来自不同域的页面的 iframe

发布于 2024-11-05 03:45:45 字数 460 浏览 3 评论 0原文

我目前正在开发一个 clicktail 克隆。我已经记录了所有鼠标交互和窗口滚动,我的计划是通过打开已记录到 iframe 中的 URL 来回放它们,然后将鼠标图像移动到捕获的坐标,图像指示何时发生单击以及iframe 滚动到捕获的滚动位置,

当我在 iframe 中查看来自我的域的页面时,这工作得很好,但是一旦我显示来自不同域的页面,我就会从 FF 控制台收到访问被拒绝的错误和相同的问题从 IE 来看,

这是由于 JavaScript 的同源策略。

我一直在读这篇文章-> 规避同源策略的方法

似乎这正在成为对于许多开发人员来说这是一个问题,并且有一些技巧可以解决这个问题。

任何人都可以建议适合我的情况的黑客吗?

I'm currently developing a clicktail clone. I've recorded all the mouse interactions and window scrolls and my plan is to play them back by opening the URL that has been recorded into an iframe and then have a mouse image move to the captured coordinates, images indicating when a click occurred and the iframe scrolling to the captured scroll positions

this was working nicely while I was viewing a page from my domain in the iframe, but as soon as I display a page from a different domain, I get access denied errors from the FF console and the same issues from IE

this is due to the Same origin policy for JavaScript.

I have been reading this article -> Ways to circumvent the same-origin policy

it seems that this is becoming an issue for many developers and there are hacks to get round it.

can anyone suggest a suitable hack for my situation ?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

心在旅行 2024-11-12 03:45:46

你总是可以假装它。也许您可以将 iframe 放置在容器 div 中(css: overflow: hide; height: /* some height */),并将 iframe 元素设置为页面的完整高度,然后滚动div?

You could always fake it. Maybe you could have your place your iframe in a container div (css: overflow: hidden; height: /* some height */), with the iframe element set to the full height of the page, and scroll the div?

厌倦 2024-11-12 03:45:46

您可以在您的域上使用 PHP 代理,该代理 (a) 将目标 URL 读取为字符串,(b) 添加 base 标记,以便图像、链接等正常工作,然后 (c)打印字符串。

最终结果是一个与外部域中的页面相同但托管在您的域上的页面。这意味着您可以从父框架在子框架中执行 JavaScript。

代理的代码如下:

<?php
    ini_set("user_agent", $_SERVER['HTTP_USER_AGENT']); // temporarily override CURLs user agent with the user's own

    $page = file_get_contents($_REQUEST["www"]);
    $page = preg_replace("/<[\s]*head[^>]*>/i", "<head><base href='".$_REQUEST["www"]."' /><base target='_blank' />", $page);
    echo $page;
?>

使用此方法时的一个考虑因素是,当用户(或 JavaScript)单击代理页面中的链接时,用户将被带到原始域(或其他地方)上的页面。这意味着您的 JavaScript 将无法再访问或执行 iframe 中的脚本。

为了使结果更加透明,在上面的代码中将链接设置为 target='_blank'

You could use a PHP proxy on your domain that (a) reads the target URL to a string, (b) adds a base tag so that images, links, etc. work correctly and then (c) prints the string.

The end result is a page that is identical to the page from the external domain but is hosted on your domain. This means that you can execute JavaScript in the child frame from the parent frame.

The code for the proxy is as follows:

<?php
    ini_set("user_agent", $_SERVER['HTTP_USER_AGENT']); // temporarily override CURLs user agent with the user's own

    $page = file_get_contents($_REQUEST["www"]);
    $page = preg_replace("/<[\s]*head[^>]*>/i", "<head><base href='".$_REQUEST["www"]."' /><base target='_blank' />", $page);
    echo $page;
?>

One consideration when using this method is that when the user (or JavaScript) clicks a link in the proxied page, the user will be taken to a page on the original domain (or elsewhere). This means that your JavaScript will no longer be able to access or execute scripts in the iframe.

To make this consequence more transparent, links are set to target='_blank' in the code above.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文