Disabling javascript

Hello,

I have a page in which an iframe calls an external website.
I'd like to disable javascript for the page called in the iframe.
Is it possible ? How ?

Thanks in advance,

--
stephan

re: Disabling javascript

stephan wrote:[color=blue]
> Hello,
>
> I have a page in which an iframe calls an external website.
> I'd like to disable javascript for the page called in the iframe.
> Is it possible ? How ?
>[/color]
No, you can't, but why even try to disable it? If you don't want to use
Javascript, don't put any in the frame or page. Either way, leave my
browser alone. Its mine, not yours.

re: Disabling javascript

> No, you can't, but why even try to disable it? If you don't want to use[color=blue]
> Javascript, don't put any in the frame or page. Either way, leave my
> browser alone. Its mine, not yours.[/color]

well... thank you...
In fact, as I said, the called page belongs to another website.
So when the external page is loaded, on some websites, a parent.frame test
triggers an alert on my website :-(
I wanted to disable javascript in order not to bother my users.

--
stephan

re: Disabling javascript

stephan said the following on 11/5/2005 12:18 PM:[color=blue][color=green]
>>No, you can't, but why even try to disable it? If you don't want to use
>>Javascript, don't put any in the frame or page. Either way, leave my
>>browser alone. Its mine, not yours.[/color]
>
>
> well... thank you...
> In fact, as I said, the called page belongs to another website.
> So when the external page is loaded, on some websites, a parent.frame test
> triggers an alert on my website :-(
> I wanted to disable javascript in order not to bother my users.[/color]

Stop putting other peoples pages in your frameset and you don't have
that problem anymore.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

re: Disabling javascript

>[color=blue]
> Stop putting other peoples pages in your frameset and you don't have
> that problem anymore.
>
> --
> Randy
> comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
> Javascript Best Practices -[/color]
http://www.JavascriptToolbox.com/bestpractices/

Is it a joke ?
I ask you how to do it and you tell not to !
I must say I don't know much about javascript and maybe it's part of the
best practices... if so, I apologize.
Still, you don't you the app I'm coding and the point of my request... so I
understand.
Thanks anyway, I got the answer, it seems to be impossible.

re: Disabling javascript

stephan said the following on 11/6/2005 8:37 AM:
[color=blue][color=green]
>>Stop putting other peoples pages in your frameset and you don't have
>>that problem anymore.
>>
>>--
>>Randy
>>comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
>>Javascript Best Practices -[/color]
>
> http://www.JavascriptToolbox.com/bestpractices/
>
> Is it a joke ?[/color]

Is what a joke?
[color=blue]
> I ask you how to do it and you tell not to ![/color]

This is Usenet, not a help desk. You asked how to solve a problem, I
gave you a solution. It wasn't the solution you wanted, but it was a
solution to your problem.
[color=blue]
> I must say I don't know much about javascript and maybe it's part of the
> best practices... if so, I apologize.[/color]

It's not listed in there.
[color=blue]
> Still, you don't you the app I'm coding and the point of my request... so I
> understand.
> Thanks anyway, I got the answer, it seems to be impossible.[/color]

It doesn't "seem" to be impossible. If you are intent on stealing
content from another website, then have your sever retrieve the document
from the other website, strip its scripting, then insert it as your own
page.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

re: Disabling javascript

> Is what a joke?

The fact a simple help request becomes the trial of a supposed criminal !
[color=blue]
>[color=green]
> > I ask you how to do it and you tell not to ![/color]
>
> This is Usenet, not a help desk. You asked how to solve a problem, I
> gave you a solution. It wasn't the solution you wanted, but it was a
> solution to your problem.[/color]

It was no solution at all, avoiding a problem is not solving it.
Anyway, thanks for your lessons.
[color=blue]
>[color=green]
> > Still, you don't you the app I'm coding and the point of my request...[/color][/color]
so I[color=blue][color=green]
> > understand.
> > Thanks anyway, I got the answer, it seems to be impossible.[/color]
>
> It doesn't "seem" to be impossible. If you are intent on stealing
> content from another website, then have your sever retrieve the document
> from the other website, strip its scripting, then insert it as your own
> page.
>[/color]

I swear I was not trying to steal content from other websites.

Thank you for your answers.

--
stephan

re: Disabling javascript

stephan wrote:[color=blue][color=green]
>>No, you can't, but why even try to disable it? If you don't want to use
>>Javascript, don't put any in the frame or page. Either way, leave my
>>browser alone. Its mine, not yours.[/color]
>
> well... thank you...
> In fact, as I said, the called page belongs to another website.
> So when the external page is loaded, on some websites, a parent.frame test
> triggers an alert on my website :-(
> I wanted to disable javascript in order not to bother my users.
>[/color]
Stephan, I appreciate your problem and I hope you appreciate the
solution... and it is a solution.

First, if you don't want Javascript then don't use it.

Second, if you don't want a third-party page to use Javascript then
arrange with the third party to remove it. If the third party will not
do so then your page should not include theirs... you *do* have their
permission to use it, I presume?

Third, in the admittedly highly unlikely event that you *do* have their
permission to use the page, that they will *not* remove the Javascript
and that they *do* permit you to remove it from your version of their
page then instead of using a frame you should set up a <div> layer
rather than a frame, load their content using XmlHttpRequest, remove the
<script> tags and content and display it in your layer.

re: Disabling javascript

The Magpie said the following on 11/7/2005 3:48 PM:
[color=blue]
> stephan wrote:
>[color=green][color=darkred]
>>> No, you can't, but why even try to disable it? If you don't want to use
>>> Javascript, don't put any in the frame or page. Either way, leave my
>>> browser alone. Its mine, not yours.[/color]
>>
>>
>> well... thank you...
>> In fact, as I said, the called page belongs to another website.
>> So when the external page is loaded, on some websites, a parent.frame
>> test
>> triggers an alert on my website :-(
>> I wanted to disable javascript in order not to bother my users.
>>[/color]
> Stephan, I appreciate your problem and I hope you appreciate the
> solution... and it is a solution.
>
> First, if you don't want Javascript then don't use it.
>
> Second, if you don't want a third-party page to use Javascript then
> arrange with the third party to remove it. If the third party will not
> do so then your page should not include theirs... you *do* have their
> permission to use it, I presume?
>
> Third, in the admittedly highly unlikely event that you *do* have their
> permission to use the page, that they will *not* remove the Javascript
> and that they *do* permit you to remove it from your version of their
> page then instead of using a frame you should set up a <div> layer
> rather than a frame, load their content using XmlHttpRequest, remove the
> <script> tags and content and display it in your layer.[/color]

Have you tried loading a document using XMLHTTPRequest from a different
domain when the page is loaded from a server? You get a security
warning. Script can't access a page outside it's own domain.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

re: Disabling javascript

stephan said the following on 11/7/2005 4:19 AM:
[color=blue][color=green]
>>Is what a joke?[/color]
>
>
> The fact a simple help request becomes the trial of a supposed criminal ![/color]

This is no trial, and you are the only that supposed yourself to be a
criminal. But it is a well known phenomenon on the web that sites try to
steal content from other sites by putting it in a frameset with a hidden
frame. If you do not fall into that category, then you have nothing to
worry about.
[color=blue]
>[color=green][color=darkred]
>>>I ask you how to do it and you tell not to ![/color]
>>
>>This is Usenet, not a help desk. You asked how to solve a problem, I
>>gave you a solution. It wasn't the solution you wanted, but it was a
>>solution to your problem.[/color]
>
>
> It was no solution at all, avoiding a problem is not solving it.[/color]

The reason you got the solution you got is because there is no way, with
client side javascript, to do what you are wanting to do. It's a
security violation.
[color=blue]
> Anyway, thanks for your lessons.
>
>[color=green][color=darkred]
>>>Still, you don't you the app I'm coding and the point of my request...
>>>so I understand.[/color][/color][/color]

Then explain what your app is.
[color=blue][color=green][color=darkred]
>>>Thanks anyway, I got the answer, it seems to be impossible.[/color]
>>It doesn't "seem" to be impossible. If you are intent on stealing
>>content from another website, then have your sever retrieve the document
>>from the other website, strip its scripting, then insert it as your own
>>page.
>>[/color]
>
>
> I swear I was not trying to steal content from other websites.[/color]

Fair enough. Set up a script on your server that will retrieve the
document, remove the script elements, and then display it with a URL
from your page. But without expressed permission of the outside site,
that does fall into the stealing content category.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

re: Disabling javascript

Randy Webb wrote:[color=blue]
>
> Have you tried loading a document using XMLHTTPRequest from a different
> domain when the page is loaded from a server? You get a security
> warning. Script can't access a page outside it's own domain.
>[/color]

I did note, if you recall, that all that was assuming the OP had
permission and presumed that with that permission would go the security
measures needed to get the page.

re: Disabling javascript

The Magpie said:[color=blue]
>
>Randy Webb wrote:[color=green]
>>
>> Have you tried loading a document using XMLHTTPRequest from a different
>> domain when the page is loaded from a server? You get a security
>> warning. Script can't access a page outside it's own domain.
>>[/color]
>
>I did note, if you recall, that all that was assuming the OP had
>permission and presumed that with that permission would go the security
>measures needed to get the page.[/color]

Those are two completely different issues. The author having permission
to use the page is not going to change the security settings on each
individual visitor's browser.

re: Disabling javascript

The Magpie said the following on 11/8/2005 8:57 AM:
[color=blue]
> Randy Webb wrote:
>[color=green]
>>
>> Have you tried loading a document using XMLHTTPRequest from a
>> different domain when the page is loaded from a server? You get a
>> security warning. Script can't access a page outside it's own domain.
>>[/color]
>
> I did note, if you recall, that all that was assuming the OP had
> permission and presumed that with that permission would go the security
> measures needed to get the page.[/color]

Even assuming that I give you permission to use a page of mine, unless
you load it from the server and pass it to the page, client-side
javascript has no way to read the actual file. See my other reply today
and it becomes easier to understand why you can't. Its a security issue.

--
Randy
comp.lang.javascript FAQ - http://jibbering.com/faq & newsgroup weekly
Javascript Best Practices - http://www.JavascriptToolbox.com/bestpractices/

re: Disabling javascript

Well there's no Javascript answer that I can think of... However if you're also using a server side language like JSP or Perl CGI
you could access the page from there, put it in a buffer, stripe the Javascript, then send it out to the browser as part of the page
your displaying without an IFrame.

Just some thoughts...

Dennis

stephan wrote:[color=blue]
> Hello,
>
> I have a page in which an iframe calls an external website.
> I'd like to disable javascript for the page called in the iframe.
> Is it possible ? How ?
>
> Thanks in advance,
>
> --
> stephan
>
>[/color]

re: Disabling javascript

Lee wrote:[color=blue]
> The Magpie said:
>[color=green]
>>Randy Webb wrote:
>>[color=darkred]
>>>Have you tried loading a document using XMLHTTPRequest from a different
>>>domain when the page is loaded from a server? You get a security
>>>warning. Script can't access a page outside it's own domain.[/color]
>>
>>I did note, if you recall, that all that was assuming the OP had
>>permission and presumed that with that permission would go the security
>>measures needed to get the page.[/color]
>
> Those are two completely different issues. The author having permission
> to use the page is not going to change the security settings on each
> individual visitor's browser.
>[/color]

Fair point. I made assumptions I shouldn't have.