在重定向之后可以找到跨网域iframe的新网址吗? [英] Is it possible to find a cross-domain iframe's new URL after a redirect?
问题描述
我想在我的网站的另一个子网域上发布到应用程式的登入表单。这是我无法访问源代码的第三方应用程序。
I'm trying to post to the login form of an application on another subdomain of my site. It's a third party app that I don't have source access to.
我知道您无法访问跨网域iframe的大多数功能,因为同源政策。但是,我需要访问的是在iframe中重定向到(通过JavaScript)的网址。它有一个会话令牌,我想通过。
I know that you can't access most features of a cross-domain iframe because of same origin policy. All I need to access, however, is the URL that's been redirected to (via JavaScript) within the iframe. It has a session token that I want to pass through.
这似乎是一些可能是安全的,允许,但我没有找到一种方法它还。我使用jQuery,我试过 $('iframe')。contents(),但我似乎没有对该对象的权限。我也检查了 $('iframe')。attr('src'),但它保留为预重定向URL。有没有其他方法?
That seems like something that might be safe enough to be allowed, but I haven't found a way to do it yet. I'm using jQuery, and I've tried $('iframe').contents(), but I seem to have no permissions at all on that object. I've also checked $('iframe').attr('src'), but it remains as the pre-redirect URL. Is there another way?
推荐答案
否,您无权访问 iframe。您只能访问外部定位和样式属性。
No, you don't have access to any properties within an iframe. You only have access to the outer positioning and styling properties.
这就是为什么框架是这么痛苦的工作。我通常只使用它们,如果我不在乎他们内部做了什么。
This is why frames are such a pain to work with. I usually only use them if I don't care what is done within them.
你不能做服务器端身份验证和令牌传递?而不是让客户端做身份验证,你不能在你的服务器上做到这一点?您可能需要做一些额外的工作来创建HTTP请求并解析响应,但您避免任何iframe问题。
Can you not do a server-side authentication and token passing? Instead of having the client do the authentication, can you not do that on your server? You may need to do some extra work to create the HTTP request and parse the response, but you avoid any iframe issues.
底线是iframes可能不是最好的依赖(尤其是涉及到跨浏览器功能)重要的事情,如身份验证。
Bottom line is iframes probably aren't the best to rely on(especially when it comes to cross-browser functionality) for important things like authentication.
这篇关于在重定向之后可以找到跨网域iframe的新网址吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
