Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/a11ywatch/node-iframe
Reverse engineer website to iframe
https://github.com/a11ywatch/node-iframe
a11ywatch domain-fronting iframe reverse-engineering
Last synced: 2 months ago
JSON representation
Reverse engineer website to iframe
- Host: GitHub
- URL: https://github.com/a11ywatch/node-iframe
- Owner: a11ywatch
- License: mit
- Created: 2020-02-06T01:09:12.000Z (almost 5 years ago)
- Default Branch: main
- Last Pushed: 2024-02-09T17:51:46.000Z (11 months ago)
- Last Synced: 2024-11-01T13:47:16.514Z (2 months ago)
- Topics: a11ywatch, domain-fronting, iframe, reverse-engineering
- Language: TypeScript
- Homepage: https://a11ywatch.com/testout
- Size: 856 KB
- Stars: 12
- Watchers: 3
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# node-iframe
create iframes to bypass security issues on your server with node.js can also be used in a browser
## Installation
`npm install node-iframe`
## How to use
as express middleware
```typescript
import createIframe from "node-iframe";
app.use(createIframe);
app.get("/iframe", (req, res) => {
res.createIframe({
url: req.query.url,
baseHref: req.query.baseHref, // optional: determine how to control link redirects,
config: { cors: { script: true } }, // optional: determine element cors or inlining #shape src/iframe.ts#L34
});
});
```
On the client use directly in your iframe if your api is on the same server set the url below like this or if your using a framework like gatsby, nextjs, etc or non-express apps
```html
```
You can even fetch the iframe directly by importing `fetchFrame` on the client or server.
Set `safeMode=true` in conjunction with inline scripts to add error handling.
```typescript
import { fetchFrame } from "node-iframe";
async function fetchIframe() {
return await fetchFrame({ url: "https://www.etsy.com", safeMode: false });
}
```
Configure how to handle resources for all request
```typescript
const { configureResourceControl, configureTemplates } = require("node-iframe");
// optional: configure if elements should be inlined, cors, etc, this combines with the `config` param
configureResourceControl({
inline: { script: true, link: false },
cors: { script: true },
});
// optional: configure error-pages - check src/templates for more info
// 0: error, 1: not-found, 2: all templates - check src/templates/config for options
configureTemplates("
No Fish found", 1);
```
[Example](https://a11ywatch.com/testout)
## License
MIT