Show iframe in a page to only visitors coming from particular referrer

Question

Now I have a site:

www.abc.com

I give links to view videos or some written content here. But that content is on:

www.xyz.com

For example I have a video embedded in an iframe on a page www.xyz.com/tops/ that can be viewed through an url www.xyz.com/tops/pqrs.php?file=123456 ..Now I want the iframe present on www.xyz.com/tops/ page to be visible to people coming from www.abc.com only. For other people directly visiting www.xyz.com/tops/ page everything should be visible except the iframe embedded in that page. There is other content too on that page....In between all that content I embedded this iframe element. So for everyone directly visiting www.xyz.com/tops/ page everything should be visible except the iframe embedded in that page.

How do I achieve this?

Thanks :)

Answer 1

I will be trying the below two methods now. In the meantime while searching for some website that is doing what I exactly need, I found one. The main site is:

www.siteA.com

A link is placed there as:

http://siteA.com/redirector.php?r=http://siteB.com/Page/&s=123456

When I clicked the link it took me to:

http://siteB.com/Page/

and the relevant video was playing in the iframe. I check the source code. I found this near where the iframe is embedded:

<div style="padding: 6px">
</div>
<div id="showvideoplayer"></div>
<div id="container"></div>
<iframe frameborder='0' width='730' height='415' src='http://www.dailymotion.com/embed/video/somecode'></iframe> <div style='padding: 8px'>
</div>

Now I just reloaded the page(not by hitting F5 or reload button) by clicking on the address bar and then hitting enter. Now the video was not visible but the other page content was there as is. I again checked the source code now:

<div style="padding: 6px">
</div>
<div id="showvideoplayer"></div>
<div id="container"></div>

This time the iframe element was not there. Even I want to do like this. But how?

Answer 2

An expanded version of www139's answer:

session_start();

if ( !isset( $_SESSION["origURL"] ) )
    $_SESSION["origURL"] = $_SERVER["HTTP_REFERER"];

//...
if ($_SESSION["origURL"] !== "www.xyz.com/tops/") {
  echo "<iframe>..."
}

Note that this will only work if the URL is exactly "www.xyz.com/tops/". Use regular expressions to include all cases.

Answer 3

Excerpt from: https://www.nczonline.net/blog/2013/04/16/getting-the-url-of-an-iframes-parent/

On the xyz.com page, have a script that detects the parent url, and display the content you are interested in if it's iframed vs not.

function getParentUrl() {
var isInIframe = (parent !== window),
    parentUrl = null;

if (isInIframe) {
    parentUrl = document.referrer;
}

    return parentUrl;
}

Note this method doesn't provide a secure way to prevent users from seeing content, just conviniently show and hide content.