Cross domain autofill and submit

[BrendanMcPherson]

Hello,

Im trying to make a "Search Many Sites from One Location".

Heres my problem:
I have a form on my page which allows the user to enter
a search term and select which site he would like the results from.

(the sites dont allow URL pasting) the sites are library catalogues.

heres my idea, can this be done?:
User enters search term, selects site they want results from and
enters submit.

This takes user to a framed page with frame1 being library catalogue.
now either the frameset or frame 2 does this
at timed interval gets the variable that was submited from search term
entered
and uses something like this bookmarklet
javascript:function ROIoiW(){var
i=0,j,A='anonymous',D,E,F=document.forms;while(i<F.length){E=F.elements;for(j=0;j<E.length;j++){D=E[j];if(D.type=='text'){D.value=(D.name.toUpperCase().indexOf('MAIL')!=-1)?A+'@example.com':A}}i++}}ROIoiW();void(null)

and something to fill in the search term and press submit in frame1

 

[Randy Webb]

(e-mail address removed) said the following on 8/28/2006 8:14 PM:

Hello,

Im trying to make a "Search Many Sites from One Location".

Heres my problem:
I have a form on my page which allows the user to enter
a search term and select which site he would like the results from.

(the sites dont allow URL pasting) the sites are library catalogues.

heres my idea, can this be done?:

Not in a default security environment.

 

[BrendanMcPherson]

Dear Randy,
can Javascript prompt the user to change Internet Explorers
security options.

 

[RobG]

Dear Randy,
can Javascript prompt the user to change Internet Explorers
security options.

Yes, but it's much better to give them a link to a page with detailed
instructions - most browsers don't let you read an alert and modify
options at the same time. You might also want to tell them why
cross-site scripting is prevented by default.

How do you know they are using IE? How many users will carry out your
request?

 

[Randy Webb]

RobG said the following on 8/28/2006 9:43 PM:

Yes, but it's much better to give them a link to a page with detailed
instructions - most browsers don't let you read an alert and modify
options at the same time.

None of mine do

You might also want to tell them why cross-site scripting is prevented by default.

Or the pitfalls of leaving it enabled after they leave the site.

How do you know they are using IE?

<!--[if gte IE 4]>
<script type="text/javascript">
alert('Its IE in some form or another')
</script>
<![endif]-->

Until other browsers mimic the IE conditionals......
And of course, the IE engines that are wrapped. AOL's browser doesn't
display that alert even though AOL uses IE as an embedded browser.

How many users will carry out your request?

Very true

 

[BrendanMcPherson]

All users of our site so far have been using IE.
okay so if I make a screen that instructs them on how to
change their security.

still how do I go about doing it?

 

[RobG]

All users of our site so far have been using IE.

You don't know that for sure. Even if it's true (and it may be), it
may not always be that way. If you believe the browser statistics that
are published by some sites (and many here are very sceptical of such
numbers) IE represents maybe 70 to 90% of web surfers.

It may be that your site is unfriendly to other browsers so visitors
just leave. In any case, you seem to be missing 10 to 30% of potential
visitors, maybe more.

Numbers from site-to-site vary greatly - w3schools puts IE useage at
about 60%, Ars Technica (which seems to be a US site) reported IE usage
among their visitors at 30% in November 2005.

<URL: http://www.w3schools.com/browsers/browsers_stats.asp >

okay so if I make a screen that instructs them on how to
change their security.
still how do I go about doing it?

Please don't top-post, interleave replies between trimmed quotes.

If you aren't already familiar with the pros and cons of enabling
cross-domain scripting in a browser, then you need much more
information that I (and probably anyone else here) is prepared to
provide.

Your question is really a browser security question, not a JavaScript
question and as such is off-topic here. That doesn't mean it won't be
answered, but that you will probably get better answers in a forum
where such questions are on-topic.

 

[Dr John Stockton]

JRS: In article <[email protected]>, dated
Mon, 28 Aug 2006 22:46:26 remote, seen in

<!--[if gte IE 4]>
<script type="text/javascript">
alert('Its IE in some form or another')
</script>
<![endif]-->

It looks as if that should alert in IE 4. For me, it does not.
Missing apostrophe.

 

[Randy Webb]

Dr John Stockton said the following on 8/30/2006 11:26 AM:

JRS: In article <[email protected]>, dated
Mon, 28 Aug 2006 22:46:26 remote, seen in

<!--[if gte IE 4]>
<script type="text/javascript">
alert('Its IE in some form or another')
</script>
<![endif]-->

It looks as if that should alert in IE 4. For me, it does not.
Missing apostrophe.

According to MSDN, IE4 doesn't support the conditional comments.

<URL:http://msdn.microsoft.com/library/default.asp?url=/workshop/author/dhtml/overview/ccomment_ovw.asp>

It is considered a "downlevel browser" :\

As for the apostrophe, it's irrelevant anyway.

<script type="text/javascript">
var showSecondAlert = true;
</script>
<!--[if gte IE 5]>
<script type="text/javascript">
alert("It's IE5+ in some form or another along with JRS' apostrophe")
showSecondAlert = false;
</script>
<![endif]-->
<script type="text/javascript">
if (showSecondAlert){
var alertMessage = "Either you are using a non-IE browser or "
alertMessage += "your IE doesn't support conditional comments (IE4)."
alert(alertMessage)
}
</script>