can u read selected text in an iframed google page?!?!?!

Discussion in 'Javascript' started by jojoba@gmail.com, Jun 27, 2007.

  1. Guest

    hi

    welcome to cross domain fun!
    i am serving an asp page.
    i have an iframe in the page pointing to another domain, say,
    http://www.google.com.
    ok, i know, different domains.
    i know i can communicate data between the parent page and the iframe
    using the fragment identifier technique.
    however, i would like to be able to actually get data, via javascript,
    to send along this channel.
    specifically, can i, using javascript, ask the google iframe doc for
    any selected text (among other things)?
    i mean, what's the point of being able to communicate across cross-
    domain frames if i cant get data from them in the first place
    think i'm missing something big here

    thanks for any help here,
    jojoba
    , Jun 27, 2007
    #1

  2. shimmyshack Guest

    On Jun 27, 1:45 am, wrote:
    > hi
    >
    > welcome to cross domain fun!
    > i am serving an asp page.
    > i have an iframe in the page pointing to another domain, say, http://www.google.com.
    > ok, i know, different domains.
    > i know i can communicate data between the parent page and the iframe
    > using the fragment identifier technique.
    > however, i would like to be able to actually get data, via javascript,
    > to send along this channel.
    > specifically, can i, using javascript, ask the google iframe doc for
    > any selected text (among other things)?
    > i mean, what's the point of being able to communicate across cross-
    > domain frames if i cant get data from them in the first place
    > think i'm missing something big here
    >
    > thanks for any help here,
    > jojoba


    whats the point of XSS if you can just ask for the data. However if
    you are just talking about YOUR browser, then you can inject js into
    the google iframe to send data back through proxies, so it does depend
    on your need. If you are asking "how can I get users to log on to my
    website and allow me to grab their google data" the answer is by using
    one of the current XSS vulnerabilities in google, or by some browser
    security issue, but officially you cant.
    shimmyshack, Jun 27, 2007
    #2

  3. Guest

    hi again
    thx for the rapid response!

    shimmyshack, you said:
    <<
    "then you can inject js into the google iframe to send data back
    through proxies"
    >>


    1) does "send data back thru proxies" mean using another hidden iframe
    to proxy? (not sure i totally understand)

    2) and also, after injecting the js, will i then have full document
    access (e.g. get selected text, or mouse position?) or will that still
    be limited?

    thx so much for the help,
    jojoba
    , Jun 27, 2007
    #3
  4. shimmyshack Guest

    On Jun 27, 3:09 am, wrote:
    > hi again
    > thx for the rapid response!
    >
    > shimmyshack, you said:
    > <<
    > "then you can inject js into the google iframe to send data back
    > through proxies"
    >
    >
    >
    > 1) does "send data back thru proxies" mean using another hidden iframe
    > to proxy? (not sure i totally understand)
    >
    > 2) and also, after injecting the js, will i then have full document
    > access (e.g. get selected text, or mouse position?) or will that still
    > be limited?
    >
    > thx so much for the help,
    > jojoba


    well injecting javascript into the iframe means you can send data
    anywhere.
    You just have to get that code in there, normally you would do it
    using XSS, but you can do it if you run a local proxy, which adds a
    bit of code as the html markup passes by, for certain URLs, or merely
    using greasemonkey in firefox to inject the script. The script gathers
    the required info from the google page, and then sends it either as a
    post to an injected iframe (within the google iframe) or via the query
    string of an image or whatever.

    Imagine you have server A you control, you're browsing server A which
    contains iframe of serverB, you inject code into serverBs page, which
    appends an iframe and gathers data, and post it back to serverA where
    it can be got from the parent page and used, so completing the circle.
    It depends on being able to inject code into serverB iframe, which you
    can do as its your machine and you are free to modify the stream as it
    arrives. If at work, your proxy can do the same thing net wide. That
    makes it possible to inject code that shows IT staff what users click
    on and so on... using XSS in non SSL page.
    Does that all make sense?

    It can get more complicated, imagine the case where you have 2 local
    machines, 1 and 2, you browsing using 1 with foxy proxy on with URL
    rules matching certain requests to the victims server (3) you run
    apache on 2 with a vhost setup machine the domain name of 3, then
    foxyproxy proxies certain URLS matching domain 3 to machine 2, not all
    but just some. This means that you are mixing 3 and 2 and provided you
    create some logic on 2 you can get complete control of the code
    running in your browser apparently all on the same domain but not, so
    you can actually POST back to 2 the data you get from 3, theres no
    domain difference but the data that ends up in the mysql database on 2
    can be directly requested by 1 which is browsing a webpage which might
    have iframes from domains on 3 and 2, the data can be proxied via
    foxyproxy from 2 and mixed...

    Anyway all this makes a mockery of cross domain stuff, as you are only
    ever using the same domains for all this. In times past I have used
    this to mix and match data between sites where I want a record of
    everything I have looked at stored in mysql, and need to avoid
    problems with postback and other "domain checks"

    anyway, hope that all made sense.
    shimmyshack, Jun 27, 2007
    #4
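
Added example, not part of the original posts: a small JavaScript model of the browser's same-origin check, applied to the frame layout described in post #4 (parent page on server A, framed page from server B, a further frame inside it pointing back at A). The hostnames and the `collect.php` path are placeholders assumed for illustration.

```javascript
// Added example: models the same-origin rule; not code from the thread.
// An origin is the (scheme, host, port) tuple. Script in one frame may read
// another frame's DOM (document, getSelection(), events) only if all three match.
const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

function originOf(url) {
  const u = new URL(url);
  // URL leaves .port empty for the scheme's default port, so fill it in.
  const port = u.port || DEFAULT_PORTS[u.protocol] || '';
  return `${u.protocol}//${u.hostname}:${port}`;
}

function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// Walk a frame tree and list every pair of frames allowed to script each other.
function scriptablePairs(tree) {
  const frames = [];
  (function walk(node, path) {
    frames.push({ path, url: node.url });
    (node.children || []).forEach((c, i) => walk(c, `${path}/${i}`));
  })(tree, 'top');
  const pairs = [];
  for (let i = 0; i < frames.length; i++)
    for (let j = i + 1; j < frames.length; j++)
      if (sameOrigin(frames[i].url, frames[j].url))
        pairs.push([frames[i].path, frames[j].path]);
  return pairs;
}

// Constructed layout (placeholder hostnames): A frames B, B's page holds a frame from A.
const layout = {
  url: 'http://server-a.example/page.asp',
  children: [{
    url: 'http://server-b.example/',
    children: [{ url: 'http://server-a.example/collect.php' }],
  }],
};

console.log(scriptablePairs(layout));
```

Only the top page and the innermost frame share an origin, so the parent can never read the server B document directly. The model ignores `document.domain` and sandboxed (opaque) origins, which real browsers also take into account.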
  5. Guest

    wow!
    thank you shimmyshack.
    that was pretty clear. but i still do have a couple questions (please
    excuse my novice-ness).

    you said:
    <<
    You just have to get that code in there, normally you would do it
    using XSS, but you can do it if you run a local proxy, which adds a
    bit of code as the html markup passes by, for certain URLs
    >>


    do you recommend i go with xss instead of the proxy method (i mean, am
    i making this too hard)?
    otherwise, if i run a local proxy, does that mean my google iframe is
    now within same domain as parent document (and so i can access
    whatever i want inside that iframe)?

    you said:
    <<
    The script gathers the required info from the google page, and then
    sends it either as a post to an injected iframe (within the google
    iframe) or via the query string of an image or whatever.
    >>


    after i have injected the script to retrieve the info, i'm still not
    sure how to get that info back out of the google iframe. i see you
    mentioned posting it to an injected iframe, but i don't see how the
    info in that iframe can be retrieved?

    thanks again for all your help,
    jojoba
    , Jun 27, 2007
    #5
  6. shimmyshack Guest

    On Jun 27, 4:19 am, wrote:
    > wow!
    > thank you shimmyshack.
    > that was pretty clear. but i still do have a couple questions (please
    > excuse my novice-ness).
    >
    > you said:
    > <<
    > You just have to get that code in there, normally you would do it
    > using XSS, but you can do it if you run a local proxy, which adds a
    > bit of code as the html markup passes by, for certain URLs
    >
    >
    >
    > do you recommend i go with xss instead of the proxy method (i mean, am
    > i making this too hard)?


    I would go with either a proxy, or greasemonkey more probably.

    > otherwise, if i run a local proxy, does that mean my google iframe is
    > now within same domain as parent document (and so i can access
    > whatever i want inside that iframe)?
    >


    see below, although they are on different domains, the proxy allows
    modification of markup as it passes by (you must somehow program your
    proxy to inject markup as needed - fiddlertool allows this) this new
    markup would be a script to gather data, and an iframe where to post
    the data.

    > you said:
    > <<
    > The script gathers the required info from the google page, and then
    > sends it either as a post to an injected iframe (within the google
    > iframe) or via the query string of an image or whatever.
    >
    >
    >
    > after i have injected the script to retrieve the info, i'm still not
    > sure how to get that info back out of the google iframe. i see you
    > mentioned posting it to an injected iframe, but i don't see how the
    > info in that iframe can be retrieved?
    >
    > thanks again for all your help,
    > jojoba



    well you must run a webserver somewhere with a php page that accepts a
    POST payload
    ideally this will be on the same domain as the parent frame
    so
    <?php
    var_dump( $_POST );
    //shove the data into mysql (or whatever)
    ?>
    the javascript you inject into the google markup /is/ on the same
    domain as the google data of course so it has the right to gather
    data.


    <script type="text/javascript">
    //grab data you want from google

    //fill out a form
    //(which you have also injected)
    //with the data gathered

    //now post this form to the iframe
    //(also injected)

    //the action of the form dictates
    //where the post payload goes
    //it will be the url of the above php script
    //you then put that data in mysql or whatever.
    </script>

    now that you have the data on your server in mysql, you can retrieve
    it using ajax or whatever from the parent frame of the same domain.

    It is perfectly possible to post data to a different domain, thats the
    kind of thing that you do all the time. People use this method for
    instance to post to watchfire prefilling the form out, or it is used
    to track users on some stats sites. You can use it to gradually
    collect data from an entire site as you browse. Greasemonkey is cool
    for this, or chickenfoot, as it will do the browsing for you as well.
    You might want all the lat/lons from somewhere or whatever, nothing
    sinister I hope! Do no dr. evil. 1 milleeon dollars
    shimmyshack, Jun 27, 2007
    #6