Currently I can't do this but you should be able to bypass X-Frame-Options in an <iframe> using YQL. If you can demonstrate on a popular site like google and or facebook I'll award the job to you. Here is a proof of concept, tested in Chrome & Firefox:
The process is as follows:
Request an iframe URL from YQL (function loadURL),
Get an HTML data from YQL (function getData),
Add a <base link> and a <script> loading links in an iframe using YQL as well,
Inject this HTML into an empty <iframe> (function loadHTML).
Please copy paste the below code in empty HTML page to get it running
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title>Page Title</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" media="screen" href="[login to view URL]" />
<script src="[login to view URL]"></script>
</head>
<body>
<iframe src="[login to view URL]" width="500" height="300"></iframe>
<script>
var iframe = [login to view URL]('iframe')[0];
var url = [login to view URL];
var getData = function (data) {
if (data && [login to view URL] && [login to view URL] && [login to view URL] && [login to view URL] && [login to view URL] == 200) loadHTML([login to view URL]);
else if (data && [login to view URL] && [login to view URL]) loadHTML([login to view URL]);
else loadHTML('Error: Cannot load ' + url);
};
var loadURL = function (src) {
url = src;
var script = [login to view URL]('script');
[login to view URL] = '[login to view URL]*%20from%[login to view URL]%20where%20url%3D%22' + encodeURIComponent(url) + '%22&format=json&diagnostics=true&env=store%3A%2F%[login to view URL]%2Falltableswithkeys&callback=getData';
[login to view URL](script);
};
var loadHTML = function (html) {
[login to view URL] = 'about:blank';
[login to view URL]();
[login to view URL]([login to view URL](/<head>/i, '<head><base href="' + url + '"><scr' + 'ipt>[login to view URL]("click", function(e) { if([login to view URL] && [login to view URL] == "A") { [login to view URL](); [login to view URL]([login to view URL]); } });</scr' + 'ipt>'));
[login to view URL]();
}
loadURL([login to view URL]);
</script>
</body>
</html>
Hello,
We are IT-Engineers with higher education, having more than 6 years of experience, developing sophisticated Web and Mobile solutions from scratch.
Our indicative time/cost estimation for your project relies on the provided description. We would be glad to provide you with our final offer once we have discussed the project with you in detail.
During the consultation with you regarding the use-cases, we will in parallel work on the Functional Description.
Our task will be to research all the implementation options chosen by you for the technological implement-ability and to create the professional base for the engineering design. We will ensure the flexibility and readiness for possible requirements changes based on the market best practices and our 6 years of development experience.
Only this approach complies with the IT industry development standards and allows full control of the product:
- Creation of completely valid resource plans.
- Avoid refactoring of the evolving projects.
- Control all the business risks of the project, not only the technological ones.
Please have a look at my profile:-
https://www.freelancer.com/u/Danial2018
Best Regards
Web application expert
You can bypass X-Frame-Options in an <iframe> using my Web Component. It extends the IFrame element by using multiple CORS proxies and it was tested in the latest Firefox and Chrome.
Hi,
I checked your project details carefully, i have been developed like this before.
I am good at website development which I have been already tried.
This looks like a perfect fit for my skill sets.
As you can see my profile, my review is empty, but i have full experiences to develop and design web.
Also I will help you at a lower cost than anyone else.
I hope i work with you.
Best regards.