I have a form that submit a shopping cart to Google Checkout. The form works great on it's own, but when I put it inside of Joomla (using a content-type of wrapper), Google Checkout throws a 302, and the form page is loaded again.
As I was writing this, I then decided to see what happens from the static form, outside of Joomla. It took gets a 302, but Google Checkout loads.
If I go directly to the request url listed in the resource inspector (using chrome for this), I get an error:
Oops!
We were unable to process your request.
That happens on both the Joomla wrapped form and the stand alone.
However, both forms receive response headers, with a Location url that goes to Google Checkout, and in fact loads the proper data.
Any ideas how to get this working inside of Joomla? Or what I might be doing wrong?
I don't know this stuff well enough to explain myself too well, so if you have a clarifying question, I'd be more than happy to provide as much info as possible.
The issue was in fact that the form was trying to redirect the entire page from inside an i-frame. Brought the form out into a component and it works fine.
Related
I need to create a custom Facebook Page Tab app which will show an external site in an iframe. This need to have adverts on it but I'm not sure if this is possible as the site is hosted externally.
I'm not sure if I need to sign up to the Facebook Audience Network to get approved etc. either?
Any help or advice would be great.
Many browsers have this limitation of not allowing external sites to be shown in an iframe. Imagine the case when you are working hard to create a site and others show all your content in iframes. That is, naturally frustrating.
However, there is a candidate-solution: Let's suppose you create a page which sends a request to the other site and appends all the content into the body and head of your page. This is very much possible, so the solution is to:
Create a page in your site, let's call it outsider
In the server-side code of your outsider page send a request to the desired page to be shown
You will get the html of the page. Process it and include its content into the head and body of outsider. This includes:
3.1. Checking all the CSS to be reached, as the target page might refer to local CSS, which is unreachable locally at your end. Process the URLs of CSS files
3.2. Checking all the Javascript to be reached, as the target page might refer to local JS, which is unreachable locally at your end. Process the URLs of JS files
3.3. Apply the idea described in 3.1. and 3.2. for other resources, like images, until you are satisfied with the content of outsider
Create an iframe, having the source to point to outsider. outsider is inside your scope, so it should be shown
NOTE: If the site owning the target page does not like the possibility of you showing their content inside iframes, they might protect it by, let's say, having Javascript in their code, which checks whether the page is inside an iframe. Remove that code while processing the response to your request. If nothing else prevents you from showing the page in an iframe, then you should achieve success.
I'm basically looking at a security problem between a parent page and an iframe with links to a third party.
I want to send a POST or a GET (doesn't matter which as I can control the other side) to the third party, but not expose any details within it (say a SID or a user token) and have it's HTML content (JS/HTML/Images) loaded into the iframe.
I've looked at server-side redirects, creating a proxy using webclinet/webresponse and am curious to whether there is a good way to do it.
Has anyone ever done this before, or think that the secrity is not possible? Hell, even if I'm barking up the wrong tree on how to solve this.
If anybody has any examples on this it would be greatly appreciated.
Cheers,
Jamie
[Edit] Was thinking I might need to add some more details.
Say I have a parent page: https://mycompany.com/ShowThirdParty.
This has an iframe in it at the moment which will have the content of another component (also owned by me, or another team more specifically)
Basically I'd like to send some credentials to content in the iframe in such a way that the external pages can't read it, the iframe is put into a modal (I've done that) and the iframe has the restricted content with the auhtentication almost seamless and invisible.
I currently have it working as a GET url generated dynamically via JS and then passed into the iframe src parameter, obviously that isn't secure.
I kind of want some kind of server side redirect across a full url, but I don't even think that's possible.
You could try using AJAX and load a PHP script (with any parameters to the script encoded/encrypted) to query the 3rd party page and load the response into the iframe. Not really sure how your code is setup but there should be a way.
It can also be done by POST Method (submit the data to iFrame using POST) as it is HTTPS so the data you send to iFrame is encryped.
I'm currently working with lift and I recently faced a difficult with redirects.
When I try to show an error or notice with S.error, it redirects to the page which I was previously. And I couldn't find a work around for that. I assume it's a default behavior of lift and there should be a work around. Please post how to changed this behavior.
It's unlikely that S.error is causing the redirect.
I presume you're calling S.error while processing a form submission. If so, you need to call S.redirectTo or S.seeOther after your processing is complete to redirect the browser to a different page. If you don't Lift's default behaviour is to reload the form on which you have just clicked submit.
I'm looking to pass data from a form into an iFrame, but I have a slight problem.
The form page I can edit with no restrictions
The page I send the data to I cannot edit unless its html or JavaScript
The data needs to end up in an iframe within this page, which I can edit with no restrictions
I'm incorporating a search function into a CMS system which is why I cannot edit the iframe's parent page, and why I am using iframes at all.
At the moment the data sends to the parent page but is not picked up within the iframe, I am sending via the POST method.
I got it..
Added and extra page which converted the post data into session data,
if anyone knows a better way i would like to hear it though.
And they are the same domain, but editing the CMS system would have taken ages to look through as its not mainstream or developed by me.
Maybe I'm oversimplifying the problem, but can't you use the "target" attribute of the form tag to post to the Iframe?
I administer a site, hosted on Yahoo! hosting, which has recently shown a strange behavior: when you visit in IE8, the page loads and is rendered normally, then as soon as it finishes rendering, the browser switches to show its local/internal 404 page. The address bar still shows the site URL.
When I view the site in (as far as I can tell) the same state on my local Apache server, it doesn't do this. This leads me to suspect it may have something to do with server configuration and response headers, but I don't know what that might be.
Is anyone familiar with this behavior?
I experienced this behavior when using a .htc hack to provide artificial CSS border-radius support.
I'm not sure what is causing that issue specifically, but you could use a packet capture utility like Wireshark or Fiddler2 to investigate the issue further. Otherwise, it would be helpful if you were to post a link to the site.
Your page contains JavaScript code which modifies the DOM while the page is still loading.
See other SO questions, such as here and here.
Solution: place your DOM manipulation code into < body onload> or jquery.ready() to execute after page loading is complete.