By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
459,528 Members | 1,304 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 459,528 IT Pros & Developers. It's quick & easy.

Sending a value to an iframe

P: 426
I have a php program that uses a POST value to start it. I want to run the program my other website using an iframe. I have a form linking to the page the runs the iframe using a POST method. I there anyway to get the iframe to read the post rather than it's parent?

Otherwise is there a way to send a value to and iframe using JavaScript that the iframe will read as a POST value?

If neither of these are possible, is there any other way or will I have to create another copy of the program that is suited to start from the iframe.
If I have to do this, is there a way that the iframe can detect the parent page that is running it so that I can disable the program unless the parent is my website to stop people hijacking the link?
Jun 10 '12 #1
Share this Question
Share on Google+
2 Replies

Aimee Bailey
Expert 100+
P: 197
Although the iframe tag makes itself out to be part of the regular DOM (document object model), it actually is more like an entirely new web-browser within your page. Because of this it is restricted by the cross-domain policy issue that causes many people headaches when trying to use the tag. This may not seem an issue at first, but if you try to use javascript to access the 2nd DOM within the iframe, you'll find a security exception is thrown.

Also PHP code executes on the server only, by the time the web-page is displayed, the PHP script has finished running, and the result has been downloaded to the web-browser. POST variables are not sent to the web-browser, so no you can't pass them to an iframe via javascript.

An answer to your situation is that you can actually achieve what you want by passing a posted variable as a GET style variable into the src of the iframe tag like so:

Expand|Select|Wrap|Line Numbers
  1. <?php
  2.   $url = 'sub_page.php?a=' . $_POST['a'];
  3.   // Do some validation here.
  4. ?>
  5. <iframe src="<?php echo $url; ?>"></iframe>

It should be noted though, if you use this work-around, users to your site will be able to see the variable in the source code, also I've left a comment in there to remind you that you should always validate incoming variables to make sure they are not malicious.

Hope this helps!



Edit: just saw that you had already posted another question about this a few weeks ago but got no replies, I know GET variables may not be the perfect answer, but when using the iframe tag, and all the quirks that come with it, the most consistently reliable method is to pass the variable to the src tag attribute, it should also be noted however that POST vars within the iframe itself stay in scope (if that helps).

Lastly have you considered ditching the iframe tag all together? if it's just scrolling and dynamic content loading you want, you can achieve that with a little bit of ajax and a div with scroll bars, which would remove this problem all together.

Jun 17 '12 #2

P: 426
Thanks. I did consider putting $_GET content within the src but the reason I wanted to use $_POST was so that it was hidden.
I have some JavaScript that detect what the parent is so I might use php to set the variable if the parent is correct.

The iframe is included because I have a php program running in it but I want it to blend in with the page. I have adjusted the program and saved it with a different name for use within the frame.

Thanks for your help. If I have trouble with the JavaScript I have I may be back but I'll keep you posted on what I do.
Jun 18 '12 #3

Post your reply

Sign in to post your reply or Sign up for a free account.