如何让我的网站在新的window中打开另一个网站,然后填写forms并在新的window中提交(不能查询参数)?
[英]How to let my website open another website in a new window, and then fill out the forms and submit in that new window (no query params possible)?
问题描述
Here we have following website: https://aspen.eccouncil.org/VerifyEval
这里我们有以下网站: https://aspen.eccouncil.org/VerifyEval
A website should have a link, which opens that URL in a new window, then fills out the "Candidate Name" and "Certificate Number" fields on that page, then finally submits it, so the user sees the verification directly (without having to type those parameters manually).一个网站应该有一个链接,在新的window中打开那个URL,然后在该页面填写“候选人姓名”和“证书编号”字段,最后提交,这样用户直接看到验证(无需手动输入这些参数)。
I tried to use the window.open() function with javascript for the both mentioned websites, and then accessing the document property of the created object. But it failed (even if I put the new window to the focus), Chrome not worked at all, Firefox gave:我尝试将window.open() function 和 javascript 用于上述两个网站,然后访问创建的 object 的document属性。但它失败了(即使我将新的 window 放在焦点上),Chrome 无法工作所有,Firefox 给出:
Error: Permission denied to access property "document"
What is the way to do that?这样做的方法是什么?
1 个解决方案
解决方案1
1 2023-01-14 20:56:33
Modern browsers won't allow you to execute code on different domains.现代浏览器不允许您在不同域上执行代码。 The reason is simple - if it can be done, a malicious attacker could use this approach to lure you click on a link and then execute code on this page with your permissions (for example: execute code on your bank website).原因很简单——如果可以做到,恶意攻击者就可以使用这种方法来引诱您单击链接,然后以您的权限在此页面上执行代码(例如:在您的银行网站上执行代码)。 Moreover, the site you trying to execute code on should protect itself from receiving such forms submissions - it's called Cross-Origin Resource Sharing (CORS) protection.此外,您尝试在其上执行代码的站点应该保护自己免受此类 forms 提交的影响——这称为跨源资源共享 (CORS)保护。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.