[ic] Allowing a particular domain access to content
Gert van der Spoel
gert at 3edge.com
Mon May 24 18:20:02 UTC 2010
> -----Original Message-----
> From: interchange-users-bounces at icdevgroup.org [mailto:interchange-
> users-bounces at icdevgroup.org] On Behalf Of Rene
> Sent: Monday, May 24, 2010 6:15 PM
> To: interchange-users at icdevgroup.org
> Subject: Re: [ic] Allowing a particular domain access to content
>
> On 24.05.2010 17:05, Paul Jordan wrote:
>
> >
> > Site1 is displaying content through an iframe. I checked and the only
> > IP's that are in [env] are the visitor, and Site2, Site1 is only
> > mentioned in the referrer. Since the iframe is really called from the
> > visitors browser I guess there is really not much I can do.
> >
> > Is there anything I can suggest to these people that would make it
> more
> > plausible to achieve this type of security?
>
> Hi Paul!
>
> What you need is a framekiller. There is plenty of different ideas out
> there, but here i found a nice place you can start from:
>
> http://en.wikipedia.org/wiki/Framekiller
>
> Of course this requires that the user has JS enabled, but the chance
> the
> would not is quite small..
Site1 apparently has to display through an iframe and is the only site that
is supposed to be able to have the content displayed.
Site3,4,5 ... 100 etc are not supposed to be able to see the content, not in
an iframe, not in their real browser. At least that it how the issue appears
to me ...
I don't know if there is a 'clean' solution to finding out what is the
'host' IP from where the iframe is included in a page.
CU,
Gert
More information about the interchange-users
mailing list