Autostart remote site internal in iframe

Question

Autostart remote site internal in iframe

I have an existing remote site that has authentication for access, now I want to combine this site on my own site using an iframe. Is there any solution that can help the remote startup site when loading the iframe?

<iframe src="http://remote.com/list"></iframe>

If you want to access http://remote.com/list , you need to log in and only provide a username / password. How to auto-register when loading iframe?

Here are some limitations.

login only works with post method
iframe / javascript has cross domain problem
Login API does not provide
no other modification can do in the remote site

+8

javascript html iframe autologin

linbo Aug 9 '12 at 7:50

source share

4 answers

Jakub hubner · Answer 1 · 2013-05-30T10:31:26+0000

Everything is possible. However, the solution below is very insecure due to the disclosure of access to the remote page.

 <form id="login" target="frame" method="post" action="http://remote.com/login"> <input type="hidden" name="username" value="login" /> <input type="hidden" name="password" value="pass" /> </form> <iframe id="frame" name="frame"></iframe> <script type="text/javascript"> // submit the form into iframe for login into remote site document.getElementById('login').submit(); // once you're logged in, change the source url (if needed) var iframe = document.getElementById('frame'); iframe.onload = function() { if (iframe.src != "http://remote.com/list") { iframe.src = "http://remote.com/list"; } } </script>

The username and password inputs are read on the client side.

Subir kumar sao · Answer 2 · 2012-08-09T09:53:59+0000

If you own another site, you can try authentication through some token.

Pass the authorized token to the urls in the iframe.

pho · Answer 3 · 2013-06-20T10:18:35+0000

Here is my implementation for this. However, this does not solve the problem between domains. For a cross-domain problem, you can try using the jQuery JSONP method (I have not tried combining jQuery with this solution yet).

 <iframe id="MyIFrame" width="400" height="400"></iframe> <script type="text/javascript"> var iframeURL = 'http://mysite.com/path/applicationPage.aspx'; var iframeID = 'MyIFrame'; function loadIframe(){ //pre-authenticate var req = new XMLHttpRequest(); req.open("POST",this.iframeURL, false, "username", "password"); //use POST to safely send combination req.send(null); //here you can pass extra parameters through //setiFrame SRC attribute var iFrameWin = document.getElementById(this.iframeID); iFrameWin.src = this.iframeURL + "?extraParameters=true"; } //onload, call loadIframe() function loadIframe(); </script>

PhonicUK · Answer 4 · 2012-08-09T09:46:37+0000

Unable to execute. Just like that. Cross-domain restrictions are specifically designed to prevent you from doing something like this.

Autostart remote site internal in iframe

More articles: