0

I want to implement the proxy website like kproxy.com, so that I can load any website in my site's iframe and proxy all the data of website from my server

I have checked their functionality and I found out that they replace all the script tags, link(css) tags and image tags to fetch the content from their server

eg. if original website contains tag like

<script src="http://google.com/abc.js"></script>

they will replace it with 

<script src="http://kproxy.com/redirect/foo/bar/abc.js"></script>

I have accomplished this kind of functionality with replacing all nodes so they can be proxied through my server

but now the problem remains with the ajax calls, which will be originated by javascript and will call the original server, so in my iframe I will sometimes get "x-frame-options = SAMEORIGIN" error

So what can I do for having the same functionality like kproxy does? and proxy all the traffic through my server only.

Rushi Soni
  • 1,088
  • 1
  • 13
  • 21

1 Answers1

1

Your problem arises from some links (probably AJAX ones) being generated towards a different domain.

You should check the scripts you download for URLs being built at runtime like

...a="https:"==g.location.protocol?"https://csi.gstatic.com/csi":"http://csi.gstatic.com/csi");return...

(example taken from Google Analytics). Same goes for some jQuery applets.

Also, you should verify that some of the scripts don't make AJAX calls of their own to retrieve further URLs. If they do, you need to check whether you want to proxy those calls as well.

Basically, for each call that gives you a same-origin failure, you need to track whence it came from, and instruct your proxy to recognize and rewrite it.

Or you can try and do the same in Javascript, i.e., inject Javascript code that will rewrite those URLs at runtime. For example you could have an explicit check for, say, CKEditor

// client requested a script and you, the proxy, fetched it in 'script'
if (script contains 'CKEDIT.options') {
    determine init call position in script
    split the script in two, A and B, before and after the init call
    make 'script' equal to a new script made up of B plus C plus A concatenated
    where C is the line "CKEDIT.options.url = 'http://mysite/proxy...';\n"
    so that, user side, the initialization will happen with your site's address
    The script will then propagate that address in lots of places without need
    for you to rewrite anything else.
} else {
    // script is unmodified
}
... other checks like the above...

... finally:
send 'script' to the client
LSerni
  • 55,617
  • 10
  • 65
  • 107