8

我有一个嵌入网站的产品,类似于 Paypal(客户将我的按钮添加到他们的网站,用户单击此按钮,一旦服务完成,我会将他们重定向回原始网站)。

我想在不实际修改他们的实时网站的情况下向客户演示我的技术。为此,是否可以配置http://stackoverflow.myserver.com/使其镜像http://www.stackoverflow.com/同时无缝注入我的按钮?

意思是,我想演示在实时网站上使用我的按钮的体验,而无需在我的服务器上实际重新托管客户的数据库。

我知道这里存在安全问题,所以只要我们满足要求,请随时提及它们。我不需要为使用 HTTPS 的网站演示这个。

更具体地说,我想通过在页面中注入一个 Paypal 按钮来展示有关 Stackoverflow 问题的财务奖励的想法。我如何在不修改https://stackoverflow.com/的情况下演示这个http://stackoverflow.myserver.com/

重开请求:我已根据您的要求将问题改写为更具体。如果您仍然认为它过于宽泛,请通过在下面发表评论来帮助我理解您的推理。

更新:我在如何重写 Javascript 代码引用的 URL上发布了后续挑战?

更新 2:我放弃了小书签和 Greasemonkey 的想法,因为它们需要客户端安装/修改。我们需要使流程尽可能无缝,否则许多人会被流程关闭,不会让我们推销。

4

3 回答 3

3

我建议使用HTTP 处理程序创建代理。

ProcessRequest你可以做一个HttpWebRequest来获取另一边的内容,改变它并将调整后的html返回给浏览器。您可以重写内部的 url 以允许从原始源加载图像等。

public void ProcessRequest(HttpContext context)
{
  // get the content using HttpWebRequest
  string html = ...

  // alter it

  // write back the adjusted html
  context.Response.Write(html);
}
于 2014-03-05T15:34:51.090 回答
1

如果您在客户端进行演示并希望快速破解它,您可以使用一些 jQuery 来完成它。我在 SO 标志后按了一下按钮只是为了演示。您可以在控制台中输入:

$('head').append('<script src="https://www.paypalobjects.com/js/external/dg.js" type="text/javascript"></script>')
$('#hlogo').append('<form action="https://www.sandbox.paypal.com/webapps/adaptivepayment/flow/pay" target="PPDGFrame" class="standard"><label for="buy">Buy Now:</label><input type="image" id="submitBtn" value="Pay with PayPal" src="https://www.paypalobjects.com/en_US/i/btn/btn_paynowCC_LG.gif"><input id="type" type="hidden" name="expType" value="light"><input id="paykey" type="hidden" name="paykey" value="insert_pay_key">')
var embeddedPPFlow = new PAYPAL.apps.DGFlow({trigger: 'submitBtn'});

enter image description here

Now, I'm not sure if I did something wrong or not because I got this error on the last part:

Expected 'none' or URL but found 'alpha('.  Error in parsing value for 'filter'.  Declaration dropped.

But at any rate if you are demoing you could just do this, maybe as a plan B. (You could also write a userscript for this so you don't have to open the console, I guess?)

于 2014-03-05T15:51:47.017 回答
0

After playing with this for a very long time I ended up doing the following:

  1. Rewrite the HTML and JS files on the fly. All other resources are hosted by the original website.
  2. For HTML files, inject a <base> tag, pointing to the website being redirected. This will cause the browser to automatically redirect relative links (in the HTML file, CSS files, and even Flash!) to the original website.
  3. For the JS files, apply a regular expression to patch specific sections of code that point to the wrote URL. I load up the redirected page in a browser, look for broken links, and figure out which section of JS needs to be patched to correct the problem.

This sounds a lot harder than it actually is. On average, patching each page takes less than 5 minutes of work.

The big discovery was the <base> tag! It corrected the vast majority of links on my behalf.

于 2014-04-22T22:18:21.663 回答