0

I want to embed a cross-origin iframe (for example: a Google page) in my HTML and intercept or mock some of its network requests. It would be without using browser extensions, proxies, or external tools. It needs to work out of the box when a user visits the page.

<iframe src="https://www.google.com" description="My embedded browser"></iframe>

Is there any way to intercept or stub requests from this iframe using only vanilla JavaScript and HTML? Or is this blocked by browser security policies?

My goal here is mostly to learn. I’m experimenting with how HTTP, certificates, and HTML interact, and I was curious if I could reuse a frontend with a custom backend.

asked Oct 11 at 5:14
6
  • 1
    1. If you own the page, patch the fetch const origFetch = window.fetch; window.fetch = mockFetch. 2. If you do NOT own the page, you can consider to Your browser will request data from an IP address. If you modify your host file 127.0.0.1 api.example.com, you can mock it all you want. You likely have to issue a certificate so localhost runs https Commented Oct 11 at 13:59
  • 3 downvotes and the question got closed because it is "missing details or clarity". But except for @KIKOSoftware, no one has given any feedback, asked any additional information, or told me what kind of details are missing. I'm not sure what kind of details I need to add and how to edit my question... I updated my question but without more information I'm shooting in the dark here and I need help to know what is missing Commented Oct 13 at 1:43
  • 1
    What if you downloaded the HTML of the page with Javascript, using fetch() for instance? You can then modify the HTML to add some Javascript to monitor request, and then you put that HTML in the iframe. This could work, but might not work if the resources, that the HTML wants to load, are protected against cross-origin requests. Those request are now coming from your domain. In other words, this is difficult. Perhaps people closed your question because you didn't tell them why you want to do this? Commented Oct 13 at 8:15
  • Thanks @KIKOSoftware, I really appreciate your suggestions. From what I understand, there’s no straightforward way to do this purely on the frontend, especially with HTTPS and certificate issues. I was hoping that mocking everything client-side would avoid those problems, but it seems more complex than expected. My goal here is mostly to learn. I’m experimenting with how HTTP, certificates, and HTML interact, and I was curious if I could reuse a frontend with a custom backend. Commented Oct 13 at 10:08
  • 1
    In general people who downvote don't give a reason. It would be kind and helpful, but most just assume you take the effort to read the help section that explains it all. Short questions with little information often get downvoted. Here, for instance, you put your motivation in a comment whereas this should be part of the question. You also didn't tell us all the things you've already tried. Stack Overflow can be rough, but it does rewards good questions as well. Commented Oct 13 at 10:47

0

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.