Jump to content
Sign in to follow this  
Remnant

empty Frame object, possible XSS

Recommended Posts

Remnant

Heya,

Newby to the ie.au3 UDF, but not to AutoIt in general, and I'm having some difficulting automating reports on a Web Managed Reports system Our library uses. The site uses Frames, one for a logo, one for a menu, one for download options, and the one I actually care about for the data. whenever I reutrn either a frame object or a frame collection, the result appears to be empty, and if i add the IEErrorHandlerRegister, I get "Access Denied" warnings.

I've had a hunt through the forums and found some information on XSS, but it doesn't look like any of the frames are from a different site, So I'm wondering if I have a different problem altogether.

specifically the "base" page is as follows

<html>
<title>Circulation Statistics - All Activity</title>
<frameset Rows=60,80% >
<frameset cols=210,80% >
<frame src=/htcircrep/activity/0/a1%7Cu4%7Ce%7C1%7C%7C/logo? name="logo" scrolling="no" marginwidth="0" marginheight="0">
<frame src=/htcircrep/activity/0/a1%7Cu4%7Ce%7C1%7C%7C/tool_1x1? name="tool" scrolling="no" marginwidth="0" marginheight="0">
</frameset>
<frameset cols=210,80% >
<frame src=/htcircrep/activity/0/a1%7Cu4%7Ce%7C1%7C%7C/menu_1x1? name="menu" marginwidth="0" marginheight="0">
<frame src=/htcircrep/activity/0/a1%7Cu4%7Ce%7C1%7C%7C/table_1x1? name=data>
</frameset>
</frameset>
</html>

and the "view source" from the resulting frames (data being the only one I actually care about) is a simple generic form with a stack of check boxes and a submit button, and I can't access any of them. I have tried opening the frame in a new window, and it does work, but every submit button recreates a frameset page.

Any suggestions?

Share this post


Link to post
Share on other sites
PsaltyDS

Have you tried to contact the app's tech support? Their system may have its own internal scripting engine or other automation method available.

:mellow:


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites
Remnant

yeah, they were....... less than helpful. Apparently there is not, but they are willing to look at developing one for the next release for the GDP of a small country.

Share this post


Link to post
Share on other sites
danieljones2006

Ya it didn't help me much either. I need to know how is it possible is XSS. Any help??

Share this post


Link to post
Share on other sites
Remnant

@Daniel huh? are you having a similar problem? or are you commenting on mine?

I need to know how is it possible is XSS

what does this even mean?

Share this post


Link to post
Share on other sites
Remnant

bump again,

Several views, but not a lot of replies. Can I provide more information?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.