473,465 Members | 1,931 Online
Bytes | Software Development & Data Engineering Community
Create Post

Home Posts Topics Members FAQ

Getting around the XSS filter in web browser control...

1 New Member
Hello, I am working on a pet project and need to overcome a major hurdle in an application. I have checked countless forums and articles and have only found bits and pieces of what I am looking for, so I hope a more direct approach will help me.

Here's the scenario:
1. The site is actually a game, which uses Javascript/JSON with DHTML on a page that has several IFRAMES - two of which are deeper inside the outside page AND of a separate domain.

2. There are NO security issues with what I am trying to do. All programming and access is limited to merely simplifying and automating normally access functions only. All authentication and private information is done prior to any access, and only the session information will ever be used, and only to facilitate game operations that the user knows will happen.

3. The idea is to use the webbrowser control to access the game and provide ordinary access, while the app hosting the browser gets the game session information and makes separate automated calls to the game servers. This has already been done via Firefox using Greasemonkey scripting, and it works well - except that Firefox has a horrible memory leak that eventually causes the whole operation to break down.

The problem I am running into is obvious. I am trying to access the iframe that is technically on a different domain, and the web browser DOM model won't let me in. I have seen enough articles to know there are several workarounds to XSS filter blocks but they are quite vague and vary depending on scenario.

So, I will outline exactly what I need in hopes that I can obtain an amicable solution...

1. I need to obtain the DOM of a nested IFRAME of a different domain. If need be I could live with just the source, but the DOM and the JS vars would be the most ideal. My strategy here is to use the session information and make HttpWebRequest calls parallel to the web browser in-game. That way I can automate some functions while still playing. It can be done - if I can get the session information and pass it the same way. It will all be done on the same client with the users permission and knowledge, so no security issues.

2. I would really like it if I could pass information BACK to that IFRAME. One of the major things this project is trying to do is make some visual changes to simplify the look and feel of the interface. It is all in HTML, so changes would simply be adding some in-line styling of JS code...

So anyways, what ideas and suggestions would work best? At this point I am open to all scenarios, but ideally something as simple as possible to get what I need. This is already a huge project :).

Thanks in advance!
Sep 15 '13 #1
0 1123

Sign in to post your reply or Sign up for a free account.

Similar topics

1
Preventing date, page no, file path getting printed in web browser control
by: Mohan | last post by:
Hi All, I am using web browser control in a VB 6.0 client server application to print reports. I am writing the report into a HTML file and displays the report to the user using the code,...
Visual Basic 4 / 5 / 6
0
No Touch deployment and hosting a browser control
by: Marwan Shaban | last post by:
Greetings, I want to host a browser control in my windows forms application and deploy it using No Touch deployment. The windows-forms app is run in the Intranet zone with default Intranet Zone...
.NET Framework
8
Browser Control
by: David | last post by:
Hi I'm developing an internet app. in which I want to prevent the user from being able to browse the web whikst they are in the app. So I want to hide the I.E. address bar and prevent any new...
.NET Framework
9
Web Browser Control - controlling the background color...
by: hzgt9b | last post by:
I am using a web browser control to display some PPT slides saved as HTML. My client has recently asked that the background of the browser be changed to sonething other than white so that the...
.NET Framework
1
web browser control
by: Praveena | last post by:
Hi All, I am developing a Web Page in ASP.NET where i am using a Web Browser control. I created this selecting the "Microsoft Web Browser" in the custom controls. Now the problem is with the...
ASP.NET
12
Web Browser Control
by: VJ | last post by:
I am using the web browser control.., I would like to add the control at runtime... I was adding the web browser control at desgin time. Now I decided to add the control at run time so I removed...
Visual Basic .NET
1
Opening PPT slide convered to HTM in IE7 or active-x web-browser control
by: celoftis | last post by:
BACKGROUND: I have some PPT slides that have been converted to HTM (ensuring that the show slide animations while browsing checkbox is checked). The original HTM slides have custom animations to...
.NET Framework
6
How to list ALL filtered filenames (with path) from Folder Browser control?
by: kimiraikkonen | last post by:
Hello, I have a listbox and folder browser control. I need to display all .mp3 files' pathes into listbox. It was Ok with openfiledialog but how can list all .mp3 extension- having files into...
Visual Basic .NET
6
Can't open database in browser control
by: =?Utf-8?B?UGFycm90?= | last post by:
I cannot access my SQL database in a browser control created in my C# Windows application program I can, however, access the database from an IE browser. I get the ubiquitous "Login failed for NT...
C# / C Sharp
1
Web browser control error
by: klharding | last post by:
I am trying to load a web browser with a web site that contains an IP Address. I am able to load this website in an IE7 window with no issues on my Vista machine. But when I try to load this web...
C# / C Sharp
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us