Tuesday, June 4, 2024
Homepage · html
 Popular · Latest · Hot · Upcoming
65
rated 0 times [  70] [ 5]  / answers: 1 / hits: 33667  / 14 Years ago, thu, november 11, 2010, 12:00:00

I have a simple HTML page that rotates through several status pages that I display on several tv's around campus. I regularly update the page and the links. Many times the pages require authentication. It is a pain to remote to ever terminal to supply credentials. Some are HTTP authentication and some are some <form> based authentication baked into the site. Many times I can get around the <form> based authentication with HTML and JavaScript that post the right credentials.




  1. Is there a better way to get around
    the <form> based authentication
    from the host page? (below)


  2. Is there any way to get around the
    Server/HTTP based authentication
    from the host page without having to
    manually authenticate on ever
    display?




By <form> authentication I mean that a <form> action generates a session cookie?

( mikerobi, thanks for the comment)



Here is the code for the host page 



<!DOCTYPE html PUBLIC -//W3C//DTD XHTML 1.0 Transitional//EN http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>

<html xmlns=http://www.w3.org/1999/xhtml >

<head>

<title> 

  Important Stuff 

</title>

    <script src=/scripts/jquery.js type=text/javascript></script>

    <style type=text/css>

        html, body, iframe { margin:0; height:100%; }

        iframe { display:block; width:100%; border:none; }

    </style>

    <script type=text/javascript>

        var link = new Array();        

        link[0] = http://mycompany.intranet/;        

        link[1] = http://mycompany.intranet/weather.htm;        

        link[2] = http://mycompany.intranet/systemstatus/;        

        var linkIndex = 0;

        setInterval(doSomething(), 10000);



        function doSomething() {



            if (linkIndex >= link.length)

            {

                // reload in case the page has been updated

                window.location.reload();

            }



            $(#frame).attr(src, link[linkIndex]);

            linkIndex++;

        }

    </script>

</head>

<body>

    <iframe id=frame src=http://mycompany.intranet/></iframe>

</body>

</html>

More From » html
 Answers
32

  1. I don't see your code that sends the credentials for the POST-based login, but if you are using JavaScript to automatically submit a form (using its .submit() method), that is probably the best way. Keep in mind that the target attribute of an HTML form allows you to submit the form in a different window (or in your case, iframe) — just give a name=xyz attribute to the iframe and use target=xyz for the form. The form would be located in the host page and could be hidden using the CSS display: none.


  2. You can include the HTTP Basic Auth username and password in the URL, like: http://username:[email protected]/path. Note that current web browsers may not allow this in their default configurations as a safeguard against a specific phishing technique, and you may have to change the configuration by editing the Windows Registry or other places where web browser settings are stored.



[#94996] Wednesday, November 10, 2010, 14 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
jamaal
Add To Favorites
Follow
Total Points: 515
Total Questions: 102
Total Answers: 107
Location: France
Member since Thu, May 6, 2021
3 Years ago
;