科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - Can I authenticate an iFrame page from the parent page? - Stack Overflow

    javascript - Can I authenticate an iFrame page from the parent page? - Stack Overflow

    programmeradmin4浏览0评论

    I have a simple HTML page that rotates through several status pages that I display on several tv's around campus. I regularly update the page and the links. Many times the pages require authentication. It is a pain to remote to ever terminal to supply credentials. Some are HTTP authentication and some are some <form> based authentication baked into the site. Many times I can get around the <form> based authentication with HTML and JavaScript that post the right credentials.

    1. Is there a better way to get around the <form> based authentication from the host page? (below)

    2. Is there any way to get around the Server/HTTP based authentication from the host page without having to manually authenticate on ever display?

    By <form> authentication I mean that a <form> action generates a session cookie?
    ( mikerobi, thanks for the ment)

    Here is the code for the host page 

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" ".dtd">
<html xmlns="" >
<head>
<title> 
  Important Stuff 
</title>
    <script src="/scripts/jquery.js" type="text/javascript"></script>
    <style type="text/css">
        html, body, iframe { margin:0; height:100%; }
        iframe { display:block; width:100%; border:none; }
    </style>
    <script type="text/javascript">
        var link = new Array();        
        link[0] = "/";        
        link[1] = "/weather.htm";        
        link[2] = "/systemstatus/";        
        var linkIndex = 0;
        setInterval("doSomething()", 10000);

        function doSomething() {

            if (linkIndex >= link.length)
            {
                // reload in case the page has been updated
                window.location.reload();
            }

            $("#frame").attr("src", link[linkIndex]);
            linkIndex++;
        }
    </script>
</head>
<body>
    <iframe id="frame" src="/"></iframe>
</body>
</html>

    I have a simple HTML page that rotates through several status pages that I display on several tv's around campus. I regularly update the page and the links. Many times the pages require authentication. It is a pain to remote to ever terminal to supply credentials. Some are HTTP authentication and some are some <form> based authentication baked into the site. Many times I can get around the <form> based authentication with HTML and JavaScript that post the right credentials.

    1. Is there a better way to get around the <form> based authentication from the host page? (below)

    2. Is there any way to get around the Server/HTTP based authentication from the host page without having to manually authenticate on ever display?

    By <form> authentication I mean that a <form> action generates a session cookie?
    ( mikerobi, thanks for the ment)

    Here is the code for the host page 

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3/1999/xhtml" >
<head>
<title> 
  Important Stuff 
</title>
    <script src="/scripts/jquery.js" type="text/javascript"></script>
    <style type="text/css">
        html, body, iframe { margin:0; height:100%; }
        iframe { display:block; width:100%; border:none; }
    </style>
    <script type="text/javascript">
        var link = new Array();        
        link[0] = "http://mypany.intranet/";        
        link[1] = "http://mypany.intranet/weather.htm";        
        link[2] = "http://mypany.intranet/systemstatus/";        
        var linkIndex = 0;
        setInterval("doSomething()", 10000);

        function doSomething() {

            if (linkIndex >= link.length)
            {
                // reload in case the page has been updated
                window.location.reload();
            }

            $("#frame").attr("src", link[linkIndex]);
            linkIndex++;
        }
    </script>
</head>
<body>
    <iframe id="frame" src="http://mypany.intranet/"></iframe>
</body>
</html>
    • javascript
    • html
    • authentication
    • iframe
    Share Improve this question edited Nov 11, 2010 at 21:57 Jamey McElveen asked Nov 11, 2010 at 21:34 Jamey McElveenJamey McElveen 18.3k25 gold badges93 silver badges132 bronze badges 1
    • What is <form> based authentication? Does the form action generate a session cookie? – mikerobi Commented Nov 11, 2010 at 21:47
    Add a ment  | 

    1 Answer 1

    Reset to default 9

    1. I don't see your code that sends the credentials for the POST-based login, but if you are using JavaScript to automatically submit a form (using its .submit() method), that is probably the best way. Keep in mind that the target attribute of an HTML form allows you to submit the form in a different window (or in your case, iframe) — just give a name="xyz" attribute to the iframe and use target="xyz" for the form. The form would be located in the host page and could be hidden using the CSS display: none.

    2. You can include the HTTP Basic Auth username and password in the URL, like: http://username:[email protected]/path. Note that current web browsers may not allow this in their default configurations as a safeguard against a specific phishing technique, and you may have to change the configuration by editing the Windows Registry or other places where web browser settings are stored.

    Edit 2024:

    HTTP Basic Auth is not secure and thus discouraged to use. Instead, use Session Cookies shared between Host page and iFrame, or JWT's, explained in more detail in this Stackoverflow answer.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论