Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeDNN Open Source...DNN Open Source...Module ForumsModule ForumsIFrameIFrameSecurity and IFrameSecurity and IFrame
Previous
 
Next
New Post
9/25/2008 4:36 PM
 
Stan Kitson

Joined: 7/16/2004
Posts: 184

We have a DNN site on which we need to display a registration form and credit card payment processor from another web app. The web app with the payment system is secured with a website certificate. We were thinking of using the IFrame to display the form and payment fields.

Would I need another certificate for the DNN sire with the IFrame?
If both sites have certificates, is the transaction still secure using an IFrame?

Thanks
 
New Post
9/25/2008 5:29 PM
 
Vitaly Kozadayev


Joined: 12/11/2003
Posts: 1112

If your payment processor domain name is different than your DNN website, browsers will display "Incorrect Certificate" errors: just look here - http://www.dnniframe.com/iframe-samples/ssl-usage.aspx

Vitaly Kozadayev
Principal
Viva Portals, L.L.C.
 
New Post
9/26/2008 10:08 AM
 
Stan Kitson

Joined: 7/16/2004
Posts: 184

Okay. If I place the web app at the end of the DNN domain I should be okay.

A related question, I noticed in other threads that a login via IFrame is not possible because passwords are passed via query string.
Is other form data passed the same way... for example a registration form that has name, address, credit card number, etc... is that passed from the Iframe to the registration form in a query string?

Also, as an FYI, I set up a test site using an Iframe and had the login page to a web app appear in the Iframe. I was unable to login using IE 7, but was able to login using FireFox 3.0.1 ...
 
New Post
9/26/2008 11:05 AM
 
Vitaly Kozadayev


Joined: 12/11/2003
Posts: 1112

The nature of IFRAME object is such that it can only use a QueryString parameters to pass values to the iframe'd page. As a result, all these values are in the plain view of anyone vaguely familiar with HTML. So, yes - if you were to pass someone's name from IFRAME containing page to a page inside an IFRAME, you'd be passing it via SRC attribute of IFRAME tag.

On the other hand, the page inside IFRAME is independent and doesn't need to pass anything to the containing page. So, your creadit card processing is as safe as the inner page's code.

Not sure what you mean in the last point, though. Can you explain it to me, please :) ?

Vitaly Kozadayev
Principal
Viva Portals, L.L.C.
 
New Post
9/26/2008 12:51 PM
 
Stan Kitson

Joined: 7/16/2004
Posts: 184

I added an Iframe to a site and had one of our web apps login pages as the target URL.

When I used IE7 to access the page with the Iframe and entered the username and password I could not enter the web app.
When I used Firefox and went to the same Iframe page, entered the username and password I logged into my web app.

The Iframe is a module I've never used and wonder if there is a "How To" anywhere. I've read a lot of the threads and have a little (very little) understanding of it, but would like more. I'm particularly interested in how to use query string parameters.

Thanks for your help
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeDNN Open Source...DNN Open Source...Module ForumsModule ForumsIFrameIFrameSecurity and IFrameSecurity and IFrame


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out