• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

By-passing Browser Same Origin Policy

 
Ranch Hand
Posts: 569
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I want to read the content of another browser window using Javascript. I'd like to use window.open() to open any arbitrary URL (whose content I have no control) and read or send mouse event to the DOM of that window. One use of this is that I can automatically login, say, hotmail and download my emails.

But a major problem is browser normally doesn't allow this due to same origin policy. For normal HTTP request, I am able to overcome this issue by installing a proxy server (Apache) of my own so that my own Javascript code is loaded from a URL containing any hostname of my choice. e.g. I can make Apache serving all html requests under mycode/ regardless of the intended host e.g. http://www.hotmail.com/mycode/abc.html would be served by my Apache proxy server.

But a major issue is if the URL is HTTPS:, the proxy server approach become very difficult to setup as there doesn't seem to be a way to config Apache as a reverse proxy for HTTPS.

Does anyone encountered similar issue like using Javascript to implement auto functional test framework.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic