I'm working on a web app that contains iframes whose sources are from different domains. I want to be able to detect whether or not a website will load successfully in an iframe.
I've tried a bunch of solutions I've found here, none of which seem to work. I've tried setting a timer and then checking the content of the iframe (which won't work because of the same-origin policy). I've tried performing a GET request to the source of the iframe, but a lot of domains won't let you do this even if the iframe loads up.
From my understanding, whether or not it loads is determined by the X-Frame-Options, but I don't think I have access to that either because I cannot get the HTTP response headers.
Is this just impossible? Any help would be appreciated.
Related
I am using Cypress to write e2e automation tests for a web application containing iframes. The web application contains multiple hidden iframes. After I log into the application, Cypress does not display the correct iframe. Instead, it displays a hidden iframe. Is there any way to handle the iframe selection by Cypress?
Most of the questions were related to targeting elements inside iframes. I found no questions related to loading of webpages using iframes.
EDIT:
Please note: My issue is not related to https://github.com/cypress-io/cypress/issues/136
I here official information about iframe issue :
https://docs.cypress.io/guides/references/known-issues.html#Iframes
Copied and paste :
You cannot target elements or interact with anything in an iframe - regardless of it being a same domain or cross domain iframe.
This is actively being worked on in Cypress and you’ll first see support for same domain iframes, followed by cross domain (they are much harder to do).
Issue URLs :
https://github.com/cypress-io/cypress/issues/136
I want to embed external content on a website in an iframe. I can only load internal websites and external are undefined.
How can I enable CORS in Intershop 7.7 and load an external URL in an iframe or data dialog?
There is nothing special in using iframes in Intershop compared to another platform. Simply put in your ISML:
<iframe src="https://example.com">
</iframe>
Of course this may not succeed to load as you noticed. Some servers include the X-Frame-Options header with value e.g. SAMEORIGIN which instructs the browser that they don't want to be framed on other sites. This may be used to prevent clickjacking attacks. You may use Firebug or any appropriate tool to monitor for such errors during the frame load. An iframe may also not load if you mix http/s traffic.
If you want to programatically access content from an iframe on a different domain, you may use the Web Messaging API (window.postMessage and the onmessage event) to communicate between the page and the included iframe.
In summary:
you can't simply frame any site (maybe your 'internal' site permits that);
this question is not relevant for the Intershop technology stack;
This should be possible with the content security policy support since version 7.6.
Please check the documentation of appserver.properties file. The keys intershop.response.content-security-policy. should help.
I need to debug my web app which is written by asp.net to find out how it is acting when rendering the content for the crawlers like Googlebot. The first thing I found was some online/offline tools but none of them can pass the Request.Browser.IsCrawler flag.
Then I tried to simulate a handmade request adding the Googlebot UserAgent but still no chance.
I used Telerik Fidler and Chrome while setting User-Agent to Googlebot/2.1 (+http://www.googlebot.com/bot.html), including _escaped_fragment_ in the URI and successfully saw the page from crawler perspective.
I am encountering a strange issue which is only affecting several users from an over 7000 user-base. Having searched the web for several hours to no avail, I'm hoping someone here can help!
I have an ASP.NET 2.0 website and when certain users try to access the home page (Default.aspx) they receive a white screen with no content loaded. This issue is occurring both in production environment and if I run the solution against a copy of production data. So I am able to replicate the exact same issue when I pseudo the problematic users.
When debugging the application in VS2005 and set a breakpoint in the code behind in the Default.aspx, the breakpoints are fired/hit so I know the request is working. The problem seems to be once the server has finished serving the request, the response back to the client/browser is empty.
Here's another strange thing I've noticed. If I alter the HTML in Default.aspx by adding a new white line or whitespace, the page will load fine for the same set of users. I thought I had resolved the issue with this fix but unfortunately the white screen issue just manifests itself once again.
Within Default.aspx, there's some AJAX requests using jQuery .load function but this can't be the issue because this functionality exists for every user of the site. The only variable is the amount of content returned within this request can vary depending on the user. But why would it resolve itself when I put a whitespace or whiteline in the page and then manifest itself hours later?
Another thing to note is it's only Default.aspx that is encountering this issue. If I browse to another page by typing in a page in the address bar, the page is served OK.
Hope someone can point me in the right direction on how I can debug or even resolve the issue.
It sounds like your ajax is the cause but without seeing some code, it's difficult to know why.
It could be a timeout, or an error that is preventing the ajax from completing it's function.
You need to use a tool like Charles or Fiddler to debug what is happening whilst the page loads whilst logged in as these users. In a nutshell, a tool like Charles will display all the detail surrounding requests made and responses served to the browser, including any failed responses.
I think it has to do with http headers, caching or encoding. But I cannot tell more without code.
Is output caching enabled for this page?
Can you give us the raw http headers for both the request and response?
If a white screen appears, will it be fixed by pressing ctrl+f5?
Many websites do not allow directory browsing. They want you to navigate from and in the webpages of that site. So for example if the page contains an image, you can only view the image by loading the whole page. When you paste the image location into the browser, you get the 403. Same situation when you try to access that image using URLConnection.
My question is, is there anyway to work around this? I.E. trick the server into thinking that our java access request comes from the page (knowing the url of the page that contains the item we want to access)?
Thanks,
Peter.
You can spoof the referer. It is used by servers showing this behaviour to know if you've come from eg a search engine.
http://www.jguru.com/faq/view.jsp?EID=257742 shows one implementation of it in Java.