Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #47471 > unrolled thread

Redirecting to a third party site with injected HTML

Back to article view | Back to comp.lang.python

Contents

  Redirecting to a third party site with injected HTML guytamir1@gmail.com - 2013-06-09 10:09 -0700
    Re: Redirecting to a third party site with injected HTML Joel Goldstick <joel.goldstick@gmail.com> - 2013-06-09 13:14 -0400
    Re: Redirecting to a third party site with injected HTML Fábio Santos <fabiosantosart@gmail.com> - 2013-06-09 18:22 +0100
      Re: Redirecting to a third party site with injected HTML guytamir1@gmail.com - 2013-06-09 10:52 -0700
        Re: Redirecting to a third party site with injected HTML Joel Goldstick <joel.goldstick@gmail.com> - 2013-06-09 14:03 -0400
        Re: Redirecting to a third party site with injected HTML Roy Smith <roy@panix.com> - 2013-06-09 14:53 -0400
    Re: Redirecting to a third party site with injected HTML Ian <hobson42@gmail.com> - 2013-06-09 19:24 +0100
      Re: Redirecting to a third party site with injected HTML Guy Tamir <guytamir1@gmail.com> - 2013-06-09 23:50 -0700
        Re: Redirecting to a third party site with injected HTML Fábio Santos <fabiosantosart@gmail.com> - 2013-06-10 08:51 +0100
    Re: Redirecting to a third party site with injected HTML Tim Chase <python.list@tim.thechases.com> - 2013-06-09 13:31 -0500
    Re: Redirecting to a third party site with injected HTML Denis McMahon <denismfmcmahon@gmail.com> - 2013-06-10 07:59 +0000

#47471 — Redirecting to a third party site with injected HTML

Hi all,

new to group and pretty new to python.

I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

i'm not really sure how to approach this problem..
hints :)

regards,
Guy

[toc] | [next] | [standalone]

#47473

[Multipart message — attachments visible in raw view] — view raw

On Sun, Jun 9, 2013 at 1:09 PM, <guytamir1@gmail.com> wrote:

> Hi all,
>
> new to group and pretty new to python.
>
> I'm working on a new project and i want to receive a request from a user
> and to redirect him to a third party site, but on the page after i redirect
> my users i want to them to see injected html (on the third party site.)
>
> i'm not really sure how to approach this problem..
> hints :)
>
> regards,
> Guy
> --
> http://mail.python.org/mailman/listinfo/python-list
>

you can do redirect easily, but you can't inject html in 3rd party without
permission.  At any rate, how is this a python question?


-- 
Joel Goldstick
http://joelgoldstick.com

[toc] | [prev] | [next] | [standalone]

#47475

[Multipart message — attachments visible in raw view] — view raw

On 9 Jun 2013 18:15, <guytamir1@gmail.com> wrote:
>
> Hi all,
>
> new to group and pretty new to python.
>
> I'm working on a new project and i want to receive a request from a user
and to redirect him to a third party site, but on the page after i redirect
my users i want to them to see injected html (on the third party site.)
>
> i'm not really sure how to approach this problem..
> hints :)
>
> regards,
> Guy

What web framework are you using?

This does not seem like a python question, instead a HTML/JavaScript one.

[toc] | [prev] | [next] | [standalone]

#47477

its a python question since the request is received on a python server and i thought  that
there may be a way to so from the server that sends the response to the user...

On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
> On 9 Jun 2013 18:15, <guyt...@gmail.com> wrote:
> 
> >
> 
> > Hi all,
> 
> >
> 
> > new to group and pretty new to python.
> 
> >
> 
> > I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)
> 
> 
> >
> 
> > i'm not really sure how to approach this problem..
> 
> > hints :)
> 
> >
> 
> > regards,
> 
> > Guy
> 
> What web framework are you using?
> 
> This does not seem like a python question, instead a HTML/JavaScript one.

[toc] | [prev] | [next] | [standalone]

#47478

[Multipart message — attachments visible in raw view] — view raw

On Sun, Jun 9, 2013 at 1:52 PM, <guytamir1@gmail.com> wrote:

> its a python question since the request is received on a python server and
> i thought  that
> there may be a way to so from the server that sends the response to the
> user...
>
> On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
> > On 9 Jun 2013 18:15, <guyt...@gmail.com> wrote:
> >
> > >
> >
> > > Hi all,
> >
> > >
> >
> > > new to group and pretty new to python.
> >
> > >
> >
> > > I'm working on a new project and i want to receive a request from a
> user and to redirect him to a third party site, but on the page after i
> redirect my users i want to them to see injected html (on the third party
> site.)
> >
> >
> > >
> >
> > > i'm not really sure how to approach this problem..
> >
> > > hints :)
> >
> > >
> >
> > > regards,
> >
> > > Guy
> >
> > What web framework are you using?
> >
> > This does not seem like a python question, instead a HTML/JavaScript one.
> --
> http://mail.python.org/mailman/listinfo/python-list
>


unless you hack into 3rd party, you can't alter that site

-- 
Joel Goldstick
http://joelgoldstick.com

[toc] | [prev] | [next] | [standalone]

#47480

On Sunday, June 9, 2013 8:22:17 PM UTC+3, Fábio Santos wrote:
>> This does not seem like a python question, instead a HTML/JavaScript 
one.

In article <0021fabe-78ed-4e79-8cdf-468b4ccc7a71@googlegroups.com>,
 guytamir1@gmail.com wrote:

> its a python question since the request is received on a python server and i 
> thought that there may be a way to so from the server that sends the response to the 
> user...

There are two layers to this question.  The first is a 
HTTP/HTML/Javascript question.  That question is:

"i want to receive a request from a user and to redirect him to a third 
party site, but on the page after i redirect my users i want to them to 
see injected html (on the third party site.)  What HTML, and/or 
Javascript, and/or HTTP headers do I need to send to make that happen?

The second layer is a Python question:

"How do I write something in Python which causes the above 
HTML/Javascript/HTTP to get sent?"

Until you can find an answer for the first question, it's not worth 
asking the second question.  And the answer to the first question won't 
be found on a python group.

[toc] | [prev] | [next] | [standalone]

#47479

On 09/06/2013 18:09, guytamir1@gmail.com wrote:
> Hi all,
>
> new to group and pretty new to python.
>
> I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)
>
> i'm not really sure how to approach this problem..
> hints :)
>
> regards,
> Guy
Hi Guy,

It appears to me that you have thought "Inject html" as the solution to 
your problem.  Sorry, but you can't solve your problem that way. Basic 
security.

What is the problem you are trying to solve?

Ian

[toc] | [prev] | [next] | [standalone]

#47521

On Sunday, June 9, 2013 9:24:56 PM UTC+3, Ian wrote:
> On 09/06/2013 18:09, guytamir1@gmail.com wrote:
> 
> > Hi all,
> 
> >
> 
> > new to group and pretty new to python.
> 
> >
> 
> > I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)
> 
> >
> 
> > i'm not really sure how to approach this problem..
> 
> > hints :)
> 
> >
> 
> > regards,
> 
> > Guy
> 
> Hi Guy,
> 
> 
> 
> It appears to me that you have thought "Inject html" as the solution to 
> 
> your problem.  Sorry, but you can't solve your problem that way. Basic 
> 
> security.
> 
> 
> 
> What is the problem you are trying to solve?
> 
> 
> 
> Ian

Hi Ian,

the problem i'm working is trying to add funny pictures to the third party sites..
its part of  a game, when a user clicks on my urls they are redirected to known sites but i plant funny pictures in them that they need to find..

since i wrote some extensions in the past that allowed me to change the DOM easily i thought there might be an way to do so from the server before redirecting the user..

[toc] | [prev] | [next] | [standalone]

#47527

[Multipart message — attachments visible in raw view] — view raw

On 10 Jun 2013 07:58, "Guy Tamir" <guytamir1@gmail.com> wrote:
> since i wrote some extensions in the past that allowed me to change the
DOM easily i thought there might be an way to do so from the server before
redirecting the user..

There could be a way to do that, but some of the features in the target
site would not be working. You could load the site yourself on your server,
and modify and serve that HTML to the user. Then you'd have to take care to
rewrite or disable all the links on the page (they may be relative to the
target domain and as such mean nothing on yours). Also images and other
resources' URLs have to be rewritten if they are relative URLs.

Then there are legal problems. Make sure you are legally allowed to do what
you are trying to do. I can't help with that.

[toc] | [prev] | [next] | [standalone]

#47482

On 2013-06-09 10:09, guytamir1@gmail.com wrote:
> I'm working on a new project and i want to receive a request from a
> user and to redirect him to a third party site, but on the page
> after i redirect my users i want to them to see injected html (on
> the third party site.)

As others have stated, I'm not sure this is a Python problem.  Two
possibilities occur to me:

1) Your server returns a page with an <iframe> that points to the
page they want, but then injects HTML into that iframe using
ECMAScript.  Some browsers may thwart you from doing this.  Test
thoroughly in multiple browsers.

2) Your server goes and fetches the contents of the requested page,
then mungs it, and returns it from your server.  This might also
require modifying internal links on the target page so that they
redirect through your local site.  Be sure to test thoroughly, and
this may also have legality concerns (you're copying others' content
and displaying it on your site, so there may be copyright issues), so
also check with your lawyer.

Generally, these techniques are in the same bag of tricks that
phishers use, so you might also have to make sure that your site is
not getting filed as a phishing site (unless you are trying to make a
phishing site, in which case don't).

-tkc

[toc] | [prev] | [next] | [standalone]

#47528

On Sun, 09 Jun 2013 10:09:17 -0700, guytamir1 wrote:

> i'm not really sure how to approach this problem..
> hints :)

Let me restate the problem for you:

You want to display a web page to a visitor that exists on a third party 
website, with some of your own html inserted into it.

Setting aside the multitude of ethical, moral, legal and copyright 
issues, the only technical solution I can see that doesn't involve 
hacking the third party website is to scrape the third party website 
using eg curl, modify the html using your scripting environment of choice 
(I'll assume python) either using some form of dom manipulation or string 
manipulation, and then server the modified page to the visitor.

so pycurl and pydom might be good places to start.

Don't forget that you may need to rewrite urls in the scraped document 
for things such as anchors, images, css, javascript etc to point them 
back at the host server, or some script on your server that can obtain 
and serve the appropriate resources.

Alternatively, how about displaying the third party website in an iframe 
within your own document? Although that's not really pythonic, just 
htmlic.

-- 
Denis McMahon, denismfmcmahon@gmail.com

[toc] | [prev] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web