Cross domain javascript form filling, reverse proxy

Posted by Michel van Engelen on Server Fault See other posts from Server Fault or by Michel van Engelen
Published on 2010-09-14T14:40:32Z Indexed on 2012/04/09 5:32 UTC
Read the original article Hit count: 841

I need a javascript form filler that can bypass the 'same origin policy' most modern browsers implement.

I made a script that opens the desired website/form in a new browser. With the handler, returned by the window.open method, I want to retrieve the inputs with theWindowHandler.document.getElementById('inputx') and fill them (access denied).

Is it possible to solve this problem by using Isapi Rewrite (official site) in IIS 6 acting like a reverse proxy? If so, how would I configure the reverse proxy?

This is how far I got:

RewriteEngine on
RewriteLogLevel 9
LogLevel debug 

RewriteRule CarChecker https://the.actualcarchecker.com/CheckCar.aspx$1 [NC,P]

The rewrite works, http://ourcompany.com/ourapplication/CarChecker, as evident in the logging. From within our companysite I can run the carchecker as if it was in our own domain. Except, the 'same origin policy' is still in force.

Regards,

Michel

© Server Fault or respective owner

Related posts about reverse-proxy

Related posts about JavaScript