1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Iframe alternative

Discussion in 'Hire a Freelancer' started by themob, Nov 7, 2014.

  1. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    Hello guys,

    I am trying to load the content of a website into an iframe but I get the following error in console of the browser:

    Refused to display 'http://site.com' in a frame because it set 'X-Frame-Options' to 'DENY'.

    If do you find a solution to get this working for me, I can pay good money! Waiting for your offers
     
  2. pick up

    pick up Junior Member

    Joined:
    Jul 27, 2014
    Messages:
    172
    Likes Received:
    5
    Occupation:
    Beggar
    Location:
    Mental Hospital
    i'm not sure i can solve this, but i can try.
     
  3. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    I really need this to be done. I can pay nice money for this!
     
  4. hajro

    hajro Junior Member

    Joined:
    Oct 4, 2014
    Messages:
    164
    Likes Received:
    43
    Website you want to load as iframe send response headers "X-Frame-Options" with value "DENY" that means you CAN'T iframe that website. If you want to show only content from that website, try download website source using CURL and pass it to your website
     
  5. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    I dont need only the content. there on that website is a button that i want to get it working when i press on it.
     
  6. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    But what about to put a code on my site, a header code that reffer to value allow ? there should be a solution to get it working
     
  7. Archemike

    Archemike Regular Member

    Joined:
    Jan 12, 2012
    Messages:
    221
    Likes Received:
    42
    CHeck out CORS

    Basically it's a protocal that allows via http headers what you can lead.

    Basically, use JSONP to do a GET with ajax from this site, versus a normal GET which the server is blocking. They have foreign access policy up so you can't just do a normal grab. You could scrap and pull from your server, or do a get with JSONP with some mild javascript, but you can't get around a normal grab.

    Hope that helps!
     
    • Thanks Thanks x 2
  8. yourdady

    yourdady Regular Member

    Joined:
    Apr 4, 2014
    Messages:
    417
    Likes Received:
    65
    Gender:
    Male
    Location:
    instarobot.com
    How about "javascript src"
     
  9. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    I already tried it and ... Nah doesn't work
     
  10. hajro

    hajro Junior Member

    Joined:
    Oct 4, 2014
    Messages:
    164
    Likes Received:
    43
    If you're trying to iframe facebook or some shit like that, give up now.
     
    • Thanks Thanks x 1
  11. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    Yes facebook, but there should be a solution that can get this done
     
  12. Grizzy

    Grizzy Senior Member

    Joined:
    Nov 11, 2008
    Messages:
    919
    Likes Received:
    999
    Why should there be? Nowadays the X-Frame-Options header is really the only fool proof way of enforcing the most important concept in web application security.

    And hypothetically speaking, if someone did know about a browser vulnerability that could bypass it they wouldn't sell it on a public internet forum. They would be to far to busy raping the worlds biggest social networks and banking $xx,xxx a day ;)
     
  13. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    There should be a solution to get it working man.
     
  14. tubeboost

    tubeboost Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 24, 2014
    Messages:
    235
    Likes Received:
    38
    Location:
    The Internet
    Home Page:
    I can't post links, but it can be useful for you.
     
  15. themob

    themob BANNED BANNED

    Joined:
    Jul 28, 2013
    Messages:
    376
    Likes Received:
    40
    Yes I already know that. But there should be a solution to get it working :D
     
  16. ChanzGrande

    ChanzGrande Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 16, 2008
    Messages:
    2,484
    Likes Received:
    1,158
    Occupation:
    Accountant
    Location:
    Northern Woods Counting Money
    Actual viable possibilities were provided, and of course they currently exceed your understanding of this challenge as is clearly evident in your perpetual responses. Is there some part of NOBODY can iFrame facebook that is unclear?

    Based on the rest of your responses it seems clear you are actually looking for a clickjacker. Perhaps you will have greater success finding one of those as opposed to perpetually assuming a method that CAN'T work can. Nobody here has a workaround for X-Frame-Options cross-domain scripting prevention mechanism for FB specifically. You will have to imagine a different way to solve your problem as nobody is going to hand you a million dollar key even if one exists - which it likely doesn't. I'll bet someone here knows a way to clickjack without having to iFrame the FB page.