Populate form fields on a remote website

B

brad

Hi there,

New to javascript. Question about populating a form on a webpage that I
do not control. I can see the field names and ids and currently have a
button that onsubmit opens the page in a new window that contains the
form I'd like to populate. Any tips on how to populate the form. We're
trying to make it easier for users to submit it... no bots as it has a
captcha.
 
G

GArlington

Hi there,

New to javascript. Question about populating a form on a webpage that I
do not control. I can see the field names and ids and currently have a
button that onsubmit opens the page in a new window that contains the
form I'd like to populate. Any tips on how to populate the form. We're
trying to make it easier for users to submit it... no bots as it has a
captcha.

See "cross-site scripting"...
 
D

Doug Gunnoe

Hi there,

New to javascript. Question about populating a form on a webpage that I
do not control. I can see the field names and ids and currently have a
button that onsubmit opens the page in a new window that contains the
form I'd like to populate. Any tips on how to populate the form. We're
trying to make it easier for users to submit it... no bots as it has a
captcha.

Just grab a reference to the DOM element you're after and set the
'value' attributes.

Look into getElementsByName() and getElementById(). The first returns
an array (NodeSet actually) so if it is the only element with that
'name' in your document then you would have to say something like:

document.getElementsByName('someName')[0].value = "some value"

If you could get an element reference starting at the form, you could
iterate through the form using nextChild and/or nextSibling and set
all the values to what you like.

Oh, and one more thing I guess, since you are opening this up in a new
window, you must reference the correct document. If your script is in
the new window, you could just say "document.", but if you are doing
it from the parent window, use the reference returned when your create
the child window.

And if you're opening the document in a frame, you must also consider
this when trying to get a reference to an element. And everything may
fail anyway, depending on how forms loaded in a frame from another
domain are handled when submitted. I'm not sure to be honest with you.

http://developer.mozilla.org/en/docs/DOM:element#Methods
http://developer.mozilla.org/en/docs/DOM:window.frames

slightly off topic since this can't be used by your users, but:
http://en.wikipedia.org/wiki/Greasemonkey


Good luck!
 
T

Thomas 'PointedEars' Lahn

brad said:
New to javascript. Question about populating a form on a webpage that I
do not control.

Chances are that you cannot do this with client-side scripting alone because
of the Same Origin Policy. However, often documents containing forms can
take parameters per the URI's query part (after the `?') which would then
populate the form.

Simple example:

<http://groups.google.com/groups?as_...group=comp.lang.javascript&scoring=d&filter=0>

See also <http://jibbering.com/faq/>.


HTH

PointedEars
 
D

Doug Gunnoe

Chances are that you cannot do this with client-side scripting alone because
of the Same Origin Policy.  However, often documents containing forms can
take parameters per the URI's query part (after the `?') which would then
populate the form.

Simple example:

<http://groups.google.com/groups?as_q="Same+Origin+Policy"&as_ugro....>

See also <http://jibbering.com/faq/>.

HTH

PointedEars
--
Use any version of Microsoft Frontpage to create your site.
(This won't prevent people from viewing your source, but no one
will want to steal it.)
  -- from <http://www.vortex-webdesign.com/help/hidesource.htm>

Right you are sir.

I did a little test, and apparently one cannot access the DOM of a
document loaded in a frame or iframe when the document originates from
another domain.

This is rather well known I suppose, but I had never really given the
problem any thought before. It makes perfect sense, however. I suppose
allowing this would be a big security problem.

But the security measures that stop this DOM access seem to be the
sole responsibility of the browser. Of course, I don't suppose there
would be any other way to handle it, since all of this stuff happens
client side. But I have given some thought about the various ways one
could break this, and I don't think it would be terribly difficult to
come up with a work around.

But what legitimate reasons would one have to do something like this?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,904
Latest member
HealthyVisionsCBDPrice

Latest Threads

Top