WebBrowser控件:禁止跨站XSS过滤,或另一种方式来处理JS完全的HTML [英] WebBrowser Control: Disable Cross Site XSS Filtering or another way to process JS in full on HTML
问题描述
我想用我的Web浏览器控件来从一个特定的页面,包括所有的子页面的内容检索日期。问题是某些子页面都在独立的领域,因此我得到一个权限屈尊错误,当我尝试访问框架[通过document.windows.frames(我).document]。
I am trying to use my web browser control to get retrieve date from a specific page, including all sub-page content. Problem is some of the sub-pages are on a separate domain and thus I am getting a permission deigned error when i try to access the frame [through document.windows.frames(i).document].
现在我明白这是发生概述在 HTTP的原因:// MSDN .microsoft.com / EN-US /库/ ms533028.aspx 。然而,用户浏览谁不希望JavaScript的嗅探他们的历史/饼干网站不同的是,我身体打开我的程序并运行该应用程序这样做的目的。
Now I understand the reason this is happening as outlined at http://msdn.microsoft.com/en-us/library/ms533028.aspx. However, unlike a user browsing a site who does not want javascript sniffing their history / cookies, I am physically opening my program and running the application for the purpose of this.
有没有变通要做到这一点,即使我必须手动更改安全设置?我试着翻在IE我的所有设置,允许,仍然同样的错误。我将只在本地运行的应用程序,没有人会浏览的IE浏览器,所以我可以真正地改变需要得到这个工作(即使安装IE浏览器的老版本可能会允许,但仍然可以处理JS处理)的任何东西。
Is there any work around to do this, even if I have to manually change security settings? I tried turning all my settings in IE to allow and still same error. I will only be running the app locally and no one will be browsing on IE so I can literally change anything needed to get this to work (even install older version of IE which may allow it but can still handle JS processing).
请注意我使用的网络浏览器的原因是大多数的数据,我将要访问的是JS生成的,所以我需要访问JS处理后的DOM /生成的HTML。因为这一点,只需使用套接字来获取HTML真的不是一个选项。即使我有HTML,我还需要一些类型的发动机来处理所有基于关闭JavaScript中的DOM元素。如果你知道来替代的,是完全可以接受的呢!
Note the reason I am using web browser is a great majority of data I will be accessing is JS generated, so I need to access the DOM after JS processed / generated the HTML. Because of this, simply using SOCKETS to get the HTML is really not an option. Even if I had the HTML, I still need some type of engine to process all of the DOM elements based off javascript. If you know of an alternative to this, that is completely acceptable too!
在此先感谢!
推荐答案
您可以在服务器上创建一个代理服务器获取数据,你会从你自己的域名将其加载到一个隐藏分区,然后你就可以用JS让你从HTML所需要的数据。
You can create a proxy on your server to fetch the data and you'll load it from your own domain into a hidden div and then you will be able to use JS to get the data you need from the HTML
这篇关于WebBrowser控件:禁止跨站XSS过滤,或另一种方式来处理JS完全的HTML的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
