Redirecting to a third party site with injected HTML

Discussion in 'Python' started by guytamir1@gmail.com, Jun 9, 2013.

  1. Guest

    Hi all,

    new to group and pretty new to python.

    I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

    i'm not really sure how to approach this problem..
    hints :)

    regards,
    Guy
     
    , Jun 9, 2013
    #1
    1. Advertising

  2. On Sun, Jun 9, 2013 at 1:09 PM, <> wrote:

    > Hi all,
    >
    > new to group and pretty new to python.
    >
    > I'm working on a new project and i want to receive a request from a user
    > and to redirect him to a third party site, but on the page after i redirect
    > my users i want to them to see injected html (on the third party site.)
    >
    > i'm not really sure how to approach this problem..
    > hints :)
    >
    > regards,
    > Guy
    > --
    > http://mail.python.org/mailman/listinfo/python-list
    >


    you can do redirect easily, but you can't inject html in 3rd party without
    permission. At any rate, how is this a python question?


    --
    Joel Goldstick
    http://joelgoldstick.com
     
    Joel Goldstick, Jun 9, 2013
    #2
    1. Advertising

  3. On 9 Jun 2013 18:15, <> wrote:
    >
    > Hi all,
    >
    > new to group and pretty new to python.
    >
    > I'm working on a new project and i want to receive a request from a user

    and to redirect him to a third party site, but on the page after i redirect
    my users i want to them to see injected html (on the third party site.)
    >
    > i'm not really sure how to approach this problem..
    > hints :)
    >
    > regards,
    > Guy


    What web framework are you using?

    This does not seem like a python question, instead a HTML/JavaScript one.
     
    Fábio Santos, Jun 9, 2013
    #3
  4. Guest

    its a python question since the request is received on a python server and i thought that
    there may be a way to so from the server that sends the response to the user...

    On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
    > On 9 Jun 2013 18:15, <> wrote:
    >
    > >

    >
    > > Hi all,

    >
    > >

    >
    > > new to group and pretty new to python.

    >
    > >

    >
    > > I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

    >
    >
    > >

    >
    > > i'm not really sure how to approach this problem..

    >
    > > hints :)

    >
    > >

    >
    > > regards,

    >
    > > Guy

    >
    > What web framework are you using?
    >
    > This does not seem like a python question, instead a HTML/JavaScript one.
     
    , Jun 9, 2013
    #4
  5. On Sun, Jun 9, 2013 at 1:52 PM, <> wrote:

    > its a python question since the request is received on a python server and
    > i thought that
    > there may be a way to so from the server that sends the response to the
    > user...
    >
    > On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
    > > On 9 Jun 2013 18:15, <> wrote:
    > >
    > > >

    > >
    > > > Hi all,

    > >
    > > >

    > >
    > > > new to group and pretty new to python.

    > >
    > > >

    > >
    > > > I'm working on a new project and i want to receive a request from a

    > user and to redirect him to a third party site, but on the page after i
    > redirect my users i want to them to see injected html (on the third party
    > site.)
    > >
    > >
    > > >

    > >
    > > > i'm not really sure how to approach this problem..

    > >
    > > > hints :)

    > >
    > > >

    > >
    > > > regards,

    > >
    > > > Guy

    > >
    > > What web framework are you using?
    > >
    > > This does not seem like a python question, instead a HTML/JavaScript one.

    > --
    > http://mail.python.org/mailman/listinfo/python-list
    >



    unless you hack into 3rd party, you can't alter that site

    --
    Joel Goldstick
    http://joelgoldstick.com
     
    Joel Goldstick, Jun 9, 2013
    #5
  6. Ian Guest

    On 09/06/2013 18:09, wrote:
    > Hi all,
    >
    > new to group and pretty new to python.
    >
    > I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)
    >
    > i'm not really sure how to approach this problem..
    > hints :)
    >
    > regards,
    > Guy

    Hi Guy,

    It appears to me that you have thought "Inject html" as the solution to
    your problem. Sorry, but you can't solve your problem that way. Basic
    security.

    What is the problem you are trying to solve?

    Ian
     
    Ian, Jun 9, 2013
    #6
  7. Tim Chase Guest

    On 2013-06-09 10:09, wrote:
    > I'm working on a new project and i want to receive a request from a
    > user and to redirect him to a third party site, but on the page
    > after i redirect my users i want to them to see injected html (on
    > the third party site.)


    As others have stated, I'm not sure this is a Python problem. Two
    possibilities occur to me:

    1) Your server returns a page with an <iframe> that points to the
    page they want, but then injects HTML into that iframe using
    ECMAScript. Some browsers may thwart you from doing this. Test
    thoroughly in multiple browsers.

    2) Your server goes and fetches the contents of the requested page,
    then mungs it, and returns it from your server. This might also
    require modifying internal links on the target page so that they
    redirect through your local site. Be sure to test thoroughly, and
    this may also have legality concerns (you're copying others' content
    and displaying it on your site, so there may be copyright issues), so
    also check with your lawyer.

    Generally, these techniques are in the same bag of tricks that
    phishers use, so you might also have to make sure that your site is
    not getting filed as a phishing site (unless you are trying to make a
    phishing site, in which case don't).

    -tkc
     
    Tim Chase, Jun 9, 2013
    #7
  8. Roy Smith Guest

    On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
    >> This does not seem like a python question, instead a HTML/JavaScript

    one.

    In article <>,
    wrote:

    > its a python question since the request is received on a python server and i
    > thought that there may be a way to so from the server that sends the response to the
    > user...


    There are two layers to this question. The first is a
    HTTP/HTML/Javascript question. That question is:

    "i want to receive a request from a user and to redirect him to a third
    party site, but on the page after i redirect my users i want to them to
    see injected html (on the third party site.) What HTML, and/or
    Javascript, and/or HTTP headers do I need to send to make that happen?

    The second layer is a Python question:

    "How do I write something in Python which causes the above
    HTML/Javascript/HTTP to get sent?"

    Until you can find an answer for the first question, it's not worth
    asking the second question. And the answer to the first question won't
    be found on a python group.
     
    Roy Smith, Jun 9, 2013
    #8
  9. Guy Tamir Guest

    On Sunday, June 9, 2013 9:24:56 PM UTC+3, Ian wrote:
    > On 09/06/2013 18:09, wrote:
    >
    > > Hi all,

    >
    > >

    >
    > > new to group and pretty new to python.

    >
    > >

    >
    > > I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

    >
    > >

    >
    > > i'm not really sure how to approach this problem..

    >
    > > hints :)

    >
    > >

    >
    > > regards,

    >
    > > Guy

    >
    > Hi Guy,
    >
    >
    >
    > It appears to me that you have thought "Inject html" as the solution to
    >
    > your problem. Sorry, but you can't solve your problem that way. Basic
    >
    > security.
    >
    >
    >
    > What is the problem you are trying to solve?
    >
    >
    >
    > Ian


    Hi Ian,

    the problem i'm working is trying to add funny pictures to the third party sites..
    its part of a game, when a user clicks on my urls they are redirected to known sites but i plant funny pictures in them that they need to find..

    since i wrote some extensions in the past that allowed me to change the DOM easily i thought there might be an way to do so from the server before redirecting the user..
     
    Guy Tamir, Jun 10, 2013
    #9
  10. On 10 Jun 2013 07:58, "Guy Tamir" <> wrote:
    > since i wrote some extensions in the past that allowed me to change the

    DOM easily i thought there might be an way to do so from the server before
    redirecting the user..

    There could be a way to do that, but some of the features in the target
    site would not be working. You could load the site yourself on your server,
    and modify and serve that HTML to the user. Then you'd have to take care to
    rewrite or disable all the links on the page (they may be relative to the
    target domain and as such mean nothing on yours). Also images and other
    resources' URLs have to be rewritten if they are relative URLs.

    Then there are legal problems. Make sure you are legally allowed to do what
    you are trying to do. I can't help with that.
     
    Fábio Santos, Jun 10, 2013
    #10
  11. On Sun, 09 Jun 2013 10:09:17 -0700, guytamir1 wrote:

    > i'm not really sure how to approach this problem..
    > hints :)


    Let me restate the problem for you:

    You want to display a web page to a visitor that exists on a third party
    website, with some of your own html inserted into it.

    Setting aside the multitude of ethical, moral, legal and copyright
    issues, the only technical solution I can see that doesn't involve
    hacking the third party website is to scrape the third party website
    using eg curl, modify the html using your scripting environment of choice
    (I'll assume python) either using some form of dom manipulation or string
    manipulation, and then server the modified page to the visitor.

    so pycurl and pydom might be good places to start.

    Don't forget that you may need to rewrite urls in the scraped document
    for things such as anchors, images, css, javascript etc to point them
    back at the host server, or some script on your server that can obtain
    and serve the appropriate resources.

    Alternatively, how about displaying the third party website in an iframe
    within your own document? Although that's not really pythonic, just
    htmlic.

    --
    Denis McMahon,
     
    Denis McMahon, Jun 10, 2013
    #11
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kieran Benton
    Replies:
    3
    Views:
    508
    Ray Cassick \(home\)
    Sep 11, 2003
  2. Billy Porter
    Replies:
    0
    Views:
    1,022
    Billy Porter
    Jun 25, 2003
  3. Mikael Engdahl

    Strange error when calling third party assembly

    Mikael Engdahl, Aug 8, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    364
    Mikael Engdahl
    Aug 8, 2003
  4. Cowboy \(Gregory A. Beamer\)

    Re: Use Third Party HTML Designer

    Cowboy \(Gregory A. Beamer\), Nov 5, 2003, in forum: ASP .Net
    Replies:
    2
    Views:
    365
    Marty Cruise
    Nov 5, 2003
  5. Miles Davenport
    Replies:
    5
    Views:
    448
    Miles Davenport
    Oct 23, 2003
Loading...

Share This Page