[thelist] iframe: can it be protected?
kasimir-k
kasimir.k.lists at gmail.com
Wed Oct 31 11:53:06 CDT 2007
Mike scribeva in 31/10/2007 15:27:
> o Website runs on server A, including password protected area
> o In this password protected area, there is a page with an iframe
> o External website from server B is loaded into this iframe
>
> Can this external content be included in the same password protection
> that runs on server A? Normally users can open the iframe itself with a
> right mouse click, or load links into new browser tabs etc., and the
> source of the iframe window is clearly visible in the source code, so
> it would be completely open to the public.
You could read external site using curl <http://php.net/curl>, but if
that site has internal links, you'd have to rewrite them to use your
php-curl-proxy.
You must also proxy any image, script and style files, otherwise savvy
users see what host they are coming from.
> there are some reasons to use an iframe though.
Even if you go the curl-way, there's nothing stopping you from putting
the results in an iframe.
.k
More information about the thelist
mailing list