[thelist] including remote/third-party content

David Kaufman david at gigawatt.com
Fri Jul 27 00:30:57 CDT 2007

Hi Joel,

Joel D Canfield <joel at streamliine.com> wrote:
> our client's site requires a third-party web tool to be built into
> their site. their current site uses frames, allowing the vendor's
> content to spill down and over as far as necessary.
> I've avoided frames and iframes since about '96, but I'm not aware of
> any other way to include someone else's page within our own.
> Frames, or iframes?

Neither!  No, never -- not that! :-)

> random ideas welcome; thinking outside the box is encouraged.

One random idea: if this is a dedicated server where you can turn on 
Apache modules that shared-hosting providers tend to turn off, then I 
would suggest a reverse proxy.  This is exactly what they are for.

I did this just last week to integrate a Google Search appliance 
transparently with a group of websites.  The webserver transparently 
shuttles requests for the Google Mini's front-end web interface off to 
the appliance, and delivers its replies to the visitor as if it were its 
own web pages.  To the end user the application appears to be 
"installed" in a subdirectory of the website when, in fact, the search 
appliance is a completely different box which could have been a thousand 
miles (instead of 2 rack units) away.  In fact, by tomorrow morning the 
new search app should be live -- it's the site search on 

See the ProxyPassReverse directive docs:

My setup is exactly as simple as the first reverse proxy example shown:

   ProxyPass         /searchresults/
   ProxyPassReverse  /searchresults/

Boom. done.  I've also used this same technique (years ago) to expose an 
ASP application running on an IIS/NT webserver behind the company's 
firewall seamlessly into their front-end webserver which was a Linux 

In that case we needed a few more lines of configuration, to rewrite the 
cookies (used for authentication) as they moved back and forth, but it 
was still pretty much cake.

Here's an example of someone else doing just that (proxying a backend 
Windows server app transparently through a front-end apache server):

Reverse proxy's are of course serious voodoo.  If the content you want 
to expose is just a form, or some flash, or even just html that you want 
the "third party" to have to maintain...

Here's an Extra-boxestrial Thought: Think like an ad server.

You put a tag on your page:
<script src="someotherguys.com/cool/tools.js"></script>

His script document.write()'s html, javascript, forms, img tags --  
whatever you need -- right into your page.

I did one of these for a friend who wanted to share his frequently 
updated (and lovingly maintained) list of current Astronomy related news 
stories with other astronomy sites.  His site is AstronomyLinks.com and 
he calls the service AstroWire: http://astronomylinks.com/astrowire.htm.

All he does is maintain a few static html files like this one:

And my (server-side perl) script reads that file, encodes it as 
javascript literal strings and outputs a (client-side javascript) script 
that will "write" that HTML into anybody's page:

In an ironic twist of tags, the end-user includes the link to the CGI, 
as if it were a link to a .JS file, like this:
<script language="JavaScript" 

And the results look like this: 

In a sick test, I also discovered that the technique is not limited to 
text. You can document.write() binary data into a page and call it a 
gif, and browsers belive you!

That was 5 years a go, and here's a site still using it! 

I guess it's "a poor man's proxy" but hey, it works -- and without 
frames! :-)

Hope this helps!


More information about the thelist mailing list