x-frame-bypass
CORSflare
| x-frame-bypass | CORSflare | |
|---|---|---|
| 4 | 2 | |
| 642 | 145 | |
| - | - | |
| 1.8 | 0.0 | |
| 7 days ago | over 3 years ago | |
| JavaScript | JavaScript | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
x-frame-bypass
- Web Component extending IFrame to bypass X-Frame-Options: deny/sameorigin
-
Hi all, I could use some help making a modal that shows a website instead of the usual modal content.
No idea if it works, but this repo claims to do what you need
-
Allow IIS to manipulate IFrame content for specific domain
You can try this https://github.com/niutech/x-frame-bypass but it may very well not be able to do what you need and chances are it will be a big headache. I'd recommend looking for a different solution.
-
Show HN: Searchall – search all major indexes on one page (with iframes)
Try out some queries from your browser history and see if anything beats google. Other engines are more likely to beat google for queries that google has failed at.
Majority of engines were found at below link. Surprisingly many engines use the same indices, for example duckduckgo is mostly just privacy-protected bing. Big thanks to Rohan Kumar.
https://seirdy.one/2021/03/10/search-engines-with-own-indexe...
A proxy is needed to bypass iframe restrictions for most websites. I used this x-frame-bypass client js code [https://github.com/niutech/x-frame-bypass] which (previously?) used proxy.megatunger.com . That free proxy could be recording your queries, who knows, so use caution.
If (when actually) that proxy goes down I think I'll set up something like CORSflare to have a more reliable and trustworthy alternative. [https://github.com/Darkseal/CORSflare]
I hacked this together over about one workday in total so it's likely to have significant issues. You can comment them here or (preferably) file an issue on the repo: [https://github.com/qpwo/searchall/]
There's also a demo video on the repo if the site goes down but you wanted to see how it looks. Feel free to file feature requests on the repo as well. If you'd rather copy it and make your own version then that's fine too.
I'll try to reply to all comments here.
CORSflare
-
Show HN: Searchall – search all major indexes on one page (with iframes)
Try out some queries from your browser history and see if anything beats google. Other engines are more likely to beat google for queries that google has failed at.
Majority of engines were found at below link. Surprisingly many engines use the same indices, for example duckduckgo is mostly just privacy-protected bing. Big thanks to Rohan Kumar.
https://seirdy.one/2021/03/10/search-engines-with-own-indexe...
A proxy is needed to bypass iframe restrictions for most websites. I used this x-frame-bypass client js code [https://github.com/niutech/x-frame-bypass] which (previously?) used proxy.megatunger.com . That free proxy could be recording your queries, who knows, so use caution.
If (when actually) that proxy goes down I think I'll set up something like CORSflare to have a more reliable and trustworthy alternative. [https://github.com/Darkseal/CORSflare]
I hacked this together over about one workday in total so it's likely to have significant issues. You can comment them here or (preferably) file an issue on the repo: [https://github.com/qpwo/searchall/]
There's also a demo video on the repo if the site goes down but you wanted to see how it looks. Feel free to file feature requests on the repo as well. If you'd rather copy it and make your own version then that's fine too.
I'll try to reply to all comments here.
-
Question about HTTPS requests
Otherwise, if it is on a server, when you make the request, add a header like “Origin”: “https://(sitename).com/“ where sitename would be the URL (not yours, in this case Pipedream’s) to avoid CORS. If worse comes to worse though, you could make your own proxy using Cloudflare Workers. There’s also Cloudflare CORS-Anywhere and CORSFlare
What are some alternatives?
react-frame-component - Render your React app to an iFrame
cloudflare-cors-anywhere - CORS "anywhere" proxy in a Cloudflare worker. DEMO at: https://test.cors.workers.dev/
zoid - Cross domain components
fastify-cors - Fastify CORS
iframe-resizer - Keep same and cross domain iFrames sized to their content with support for window/content resizing, in page links, nesting and multiple iFrames
cloudflare-worker-router - A super lightweight router (1.0K) with middleware support and ZERO dependencies for Cloudflare Workers.
css-doodle - 🎨 A web component for drawing patterns with CSS.
terraform-cloudflare-maintenance - Terraform module to create a responsive Maintenance Page using Cloudflare Workers.
react-kapsule - React wrapper for kapsule-style web components
paste-story - A serverless Pastebin that allows users to share text content through a link
web-otp-input - A custom element to make it really easy to use the WebOTP API
add-cors - A simple Node proxy to attach CORS headers to a response of a queried request to an endpoint.