[thelist] iframe: can it be protected?

Mike evolt at muinar.com
Wed Oct 31 10:27:03 CDT 2007

Hi all

Just came around a problem where someone might have a solution, although
I think it's not possible :P This is the scenario:

o   Website runs on server A, including password protected area
o   In this password protected area, there is a page with an iframe
o   External website from server B is loaded into this iframe

Can this external content be included in the same password protection
that runs on server A? Normally users can open the iframe itself with a
right mouse click, or load links into new browser tabs etc., and the
source of the iframe window is clearly visible in the source code, so
it would be completely open to the public.

I already thought about letting only distinct domains (the one from
server A) read the content from server B, but of course in this case,
it's the the user's provider that counts ;)  Or some sort of referer
protection, but this could be tricked by some browsers...

So, should my customer forget this, or is there a way... ? I already
thought about reading the inner content via some PHP scripting, maybe
that's the way to go... there are some reasons to use an iframe though.

Thanks a lot for your thoughts ;D


_____  mike s. krischker  http://webdesign-schweiz.ch/
        webpro mailing list  http://webdesign-list.com/
        flashpro mailing list  http://flash-list.com/

More information about the thelist mailing list