Redirecting to a third party site with injected HTML

[guytamir1]

Hi all,

new to group and pretty new to python.

I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

i'm not really sure how to approach this problem..
hints

regards,
Guy

 

[Joel Goldstick]

Hi all,

new to group and pretty new to python.

I'm working on a new project and i want to receive a request from a user
and to redirect him to a third party site, but on the page after i redirect
my users i want to them to see injected html (on the third party site.)

i'm not really sure how to approach this problem..
hints

regards,
Guy

you can do redirect easily, but you can't inject html in 3rd party without
permission. At any rate, how is this a python question?

 

[Fábio Santos]

Hi all,

new to group and pretty new to python.

I'm working on a new project and i want to receive a request from a user

and to redirect him to a third party site, but on the page after i redirect
my users i want to them to see injected html (on the third party site.)

i'm not really sure how to approach this problem..
hints

regards,
Guy

What web framework are you using?

This does not seem like a python question, instead a HTML/JavaScript one.

 

[guytamir1]

its a python question since the request is received on a python server and i thought that
there may be a way to so from the server that sends the response to the user...

 

[Joel Goldstick]

its a python question since the request is received on a python server and
i thought that
there may be a way to so from the server that sends the response to the
user...


user and to redirect him to a third party site, but on the page after i
redirect my users i want to them to see injected html (on the third party
site.)

unless you hack into 3rd party, you can't alter that site

 

[Ian]

Hi all,

new to group and pretty new to python.

I'm working on a new project and i want to receive a request from a user and to redirect him to a third party site, but on the page after i redirect my users i want to them to see injected html (on the third party site.)

i'm not really sure how to approach this problem..
hints

regards,
Guy

Hi Guy,

It appears to me that you have thought "Inject html" as the solution to
your problem. Sorry, but you can't solve your problem that way. Basic
security.

What is the problem you are trying to solve?

Ian

 

[Tim Chase]

I'm working on a new project and i want to receive a request from a
user and to redirect him to a third party site, but on the page
after i redirect my users i want to them to see injected html (on
the third party site.)

As others have stated, I'm not sure this is a Python problem. Two
possibilities occur to me:

1) Your server returns a page with an <iframe> that points to the
page they want, but then injects HTML into that iframe using
ECMAScript. Some browsers may thwart you from doing this. Test
thoroughly in multiple browsers.

2) Your server goes and fetches the contents of the requested page,
then mungs it, and returns it from your server. This might also
require modifying internal links on the target page so that they
redirect through your local site. Be sure to test thoroughly, and
this may also have legality concerns (you're copying others' content
and displaying it on your site, so there may be copyright issues), so
also check with your lawyer.

Generally, these techniques are in the same bag of tricks that
phishers use, so you might also have to make sure that your site is
not getting filed as a phishing site (unless you are trying to make a
phishing site, in which case don't).

-tkc

 

[Roy Smith]

one.

its a python question since the request is received on a python server and i
thought that there may be a way to so from the server that sends the response to the
user...

There are two layers to this question. The first is a
HTTP/HTML/Javascript question. That question is:

"i want to receive a request from a user and to redirect him to a third
party site, but on the page after i redirect my users i want to them to
see injected html (on the third party site.) What HTML, and/or
Javascript, and/or HTTP headers do I need to send to make that happen?

The second layer is a Python question:

"How do I write something in Python which causes the above
HTML/Javascript/HTTP to get sent?"

Until you can find an answer for the first question, it's not worth
asking the second question. And the answer to the first question won't
be found on a python group.

 

[Guy Tamir]

Hi Guy,



It appears to me that you have thought "Inject html" as the solution to

your problem. Sorry, but you can't solve your problem that way. Basic

security.



What is the problem you are trying to solve?



Ian

Hi Ian,

the problem i'm working is trying to add funny pictures to the third party sites..
its part of a game, when a user clicks on my urls they are redirected to known sites but i plant funny pictures in them that they need to find..

since i wrote some extensions in the past that allowed me to change the DOM easily i thought there might be an way to do so from the server before redirecting the user..

 

[Fábio Santos]

since i wrote some extensions in the past that allowed me to change the

DOM easily i thought there might be an way to do so from the server before
redirecting the user..

There could be a way to do that, but some of the features in the target
site would not be working. You could load the site yourself on your server,
and modify and serve that HTML to the user. Then you'd have to take care to
rewrite or disable all the links on the page (they may be relative to the
target domain and as such mean nothing on yours). Also images and other
resources' URLs have to be rewritten if they are relative URLs.

Then there are legal problems. Make sure you are legally allowed to do what
you are trying to do. I can't help with that.

 

[Denis McMahon]

i'm not really sure how to approach this problem..
hints

Let me restate the problem for you:

You want to display a web page to a visitor that exists on a third party
website, with some of your own html inserted into it.

Setting aside the multitude of ethical, moral, legal and copyright
issues, the only technical solution I can see that doesn't involve
hacking the third party website is to scrape the third party website
using eg curl, modify the html using your scripting environment of choice
(I'll assume python) either using some form of dom manipulation or string
manipulation, and then server the modified page to the visitor.

so pycurl and pydom might be good places to start.

Don't forget that you may need to rewrite urls in the scraped document
for things such as anchors, images, css, javascript etc to point them
back at the host server, or some script on your server that can obtain
and serve the appropriate resources.

Alternatively, how about displaying the third party website in an iframe
within your own document? Although that's not really pythonic, just
htmlic.