Cross-site security, target and frames

Discussion in 'Javascript' started by Kim Noer, Oct 13, 2004.

  1. Kim Noer

    Kim Noer Guest

    Hi there ...

    I'm having some troubles getting a form posted back to a frame, which was
    the 'launching' page to the popup.

    Ie. I want to get 'thanksabunch.asp' to post back to the frame1 location

    http://site1/frame1.asp launches https://site2/payment.asp which form post
    to https://site2/thanksabunch.asp which form post to
    http://site1/paymentreceived.asp

    in 'thanksabunch.asp' I have a form which contains method="post"
    name="payform" target="frame1", all this works in IE, but not in Firefox. So
    what I want is a way to post the form data to 'paymentreceived.asp' in
    'frame1'. I've fooled around with parent.document, but it list its parent as
    'thanksabunch.asp'.

    I'm quite sure I can't reach any object on site1, since there's some
    cross-site security taking place, effectively preventing me from doing it.

    --
    I doubt, therefore I might be.
     
    Kim Noer, Oct 13, 2004
    #1
    1. Advertising

  2. Kim Noer

    Kim Noer Guest

    "Kim Noer" <> wrote in message
    news:

    > I'm having some troubles getting a form posted back to a frame, which
    > was the 'launching' page to the popup.


    Is there really nobody that can help me out here? I'm pretty clueless on
    what do to, so any help will be appriciated!

    --
    I doubt, therefore I might be.
     
    Kim Noer, Oct 14, 2004
    #2
    1. Advertising

  3. Kim Noer

    Philip Ronan Guest

    Kim Noer wrote:

    > I'm quite sure I can't reach any object on site1, since there's some
    > cross-site security taking place, effectively preventing me from doing it.


    I'm quite sure you're correct. So don't do it :)

    Lately I've been receiving the odd email purporting to be from a major bank
    asking clients to update their details. You click on the link in the email
    and your browser opens a page in the spammer's website that spawns a pop-up
    window and immediately redirects to a page in the bank's website. The pop-up
    contains a form that asks you to fill in your credit card details, PIN
    number, etc., so that the spammer can presumably empty your bank account
    into theirs.

    What you're attempting to do sounds very much like this sort of scam, and
    I'm glad it isn't working.

    --
    Philip Ronan

    (Please remove the "z"s if replying by email)
     
    Philip Ronan, Oct 14, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Earl Teigrob
    Replies:
    0
    Views:
    561
    Earl Teigrob
    Feb 18, 2004
  2. Eric
    Replies:
    5
    Views:
    433
    dorayme
    Dec 7, 2005
  3. mohit
    Replies:
    0
    Views:
    602
    mohit
    Jan 23, 2008
  4. Jukka K. Korpela

    Re: Frames Target and External HTML

    Jukka K. Korpela, Dec 24, 2008, in forum: HTML
    Replies:
    0
    Views:
    390
    Jukka K. Korpela
    Dec 24, 2008
  5. richard
    Replies:
    1
    Views:
    408
    dorayme
    Dec 25, 2008
Loading...

Share This Page