开发者

Track button click within a iframe

开发者 https://www.devze.com 2022-12-29 21:40 出处:网络
Is it possible to track a button click within an iFrame if i don\'t have control over the external website or it\'s contents?

Is it possible to track a button click within an iFrame if i don't have control over the external website or it's contents?

(very fictionnal example)if i had an iframe like this:

<iframe src="http://www.johnny.com/plugins/like.php?href=http%253A%252F%252Fexample.com%252Fpage%252Fto%252Flike&amp;layout=standard&amp;show_faces=true&amp;width=450&amp;action=like&amp开发者_高级运维;font&amp;colorscheme=light&amp;height=80" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:450px; height:80px;" allowTransparency="true"></iframe>


If you are asking whether you can find a button in the DOM of the HTML that has your iframe and then add an onclick event to it, then yes, if you are served from the same domain.

 window.parent.getElementById()

will work -- so will any other DOM functions.

If you are not on the same domain, then the browser won't let you. It's called cross-site scripting (XSS) and is considered a security violation.

If you are on another domain, the owner did add your iframe, right? If so, have them also add in the events. They can pass in variables and call helper functions on your iframe. So they could pass the button in and you could add the event to it.


The answer is : not possible at all without some kind of cooperation with the remote site.
That is due to the Same Origin Policy kicking in for your protection.

If you have some kind of cooperation then you could pull this of using cross-domain messaging (eg. with easyXDM).


Not reliably across browsers, no.

That would easily qualify as a cross site scripting (XSS) exploit and be caught by the majority of modern browsers.

0

精彩评论

暂无评论...
验证码 换一张
取 消