Notifications
Clear all

How to prevent linking to another http(s) website within the iFrame

8 Posts
2 Users
0 Reactions
70 Views
TinyWebGallery
Posts: 924
Admin
(@admin)
Prominent Member
Joined: 16 years ago

It is actually the same setting:

You can map an url parameter value pair to an url or pass the url directly which should be opened in the iframe. If you e.g. have a page with the iframe and you like to have different content in the iframe depending on an url parameter than this is the setting you have to use. You have to specify this setting in the following syntax "parameter|value|url" e.g. "show|1| https://www.tinywebgallery.co m". If you than open the parent page with ?show=1 than https://www.tinywebgallery.com is opened inside the iframe. You can also specify several mappings by separating them by ','.

you should not use reserved words: https://codex.wordpress.org/Reserved_Terms

so page is not good.

So one example with 2 elements with "show" is

show|/assortiment|/assortiment,show|/aanbiedingen|/aanbiedingen

?show=/assortiment will then link to /assortiment only

Best regards, Michael

 

Reply
Posts: 4
Topic starter
(@mos_dave)
Active Member
Joined: 2 weeks ago

Hi Michael,

Sorry, maybe am i not clear in my explanation.

How can we prevent that ANY foreign site can be loaded in the iframe.

Here are some examples that must NOT be possible.

https://extravestiging.nl/webshop/?page=ipv4.icanhazip.com
https://extravestiging.nl/webshop/?page=https://www.snackbardewolf.nl/
https://extravestiging.nl/webshop/?page=https://allereifen365.de/

I uploaded an image of what i have tried, but that doesn't block other sites.

Kind Regards,

Dave

Reply
TinyWebGallery
Posts: 924
Admin
(@admin)
Prominent Member
Joined: 16 years ago

I understand.

Still you did not configure what I have shown before! 

Each mapping needs the url parameter

show|/assortiment|/assortiment,show|/aanbiedingen|/aanbiedingen

you have not added it in the 2nd setting. With the setting above only this 2 mappings should work. 

Also you should NOT use page as parameter ! This is a reserved word in Wordpress and Wordpress is doing their own stuff. Please do NOT use ?page. 

Also remove forward parameters ALL - This does not makes sense here. 

I have created an example for you:

https://www.tinywebgallery.com/blog/test-param

with 

[advanced_iframe src="//www.tinywebgallery.com/blog/wp-content/plugins/advanced-iframe/example/example.html" map_parameter_to_url="show|1| https://www.tinywebgallery.com,show|2|https://www.tinywebgallery.co m" width="100%" height="600"]

So only show=1 and show=2 are working.  if you add something else the default page is shown. 

https://www.tinywebgallery.com/blog/test-param?show=1 -> works

https://www.tinywebgallery.com/blog/test-param?show=2 -> works 

https://www.tinywebgallery.com/blog/test-param?show=https://www.snackbardewolf.nl/ -> does not work.

Best regards, Michael

 

Reply
Page 2 / 2