Sie sind nicht angemeldet.

Block iframe use

PelicanMedia

Anfänger

  • »PelicanMedia« ist der Autor dieses Themas

Beiträge: 10

Wohnort: Colchester, Essex, UK

  • Nachricht senden

1

Montag, 16. Mai 2022, 10:38

Block iframe use

Hi all,

I have a tour set up on 'https://domain1.com/tour' but my pano assets are stored on 'https://domain2.com/panos/xyz123/...'. I have seen in some of the examples there are options to use different assets if the tour is accessed via different domains. e.g from 1 domain it uses 'x' assets and if not it uses 'y' assets.
ie in the Wine Cellar example

Quellcode

 
1
2
3
4

<image>
    <cube url="panos/mitte.tiles/pano_%s.jpg" if="browser.domain != 'krpano.com'" />
    <cube url="https://krpano.com/tours/bkeller/panos/bkeller2010-mitte.tiles/pano_%s.jpg" if="browser.domain == 'krpano.com'" />
</image>


What would I need to put in my tour.xml to use different assets if the link I send out to a client (https://domain1.com/tour) is used in an iframe on https://domain3.com? Ideally, I'd like to block it from being used in an iframe but the .htaccess lines (on both domain1 and domain2) I have used aren't working.

Thanks

noupunt

Schüler

Beiträge: 47

Wohnort: Barcelona

Beruf: Photographer and full stack developer

  • Nachricht senden

2

Dienstag, 17. Mai 2022, 01:14

My way to solve this is that one:

In index.hml(or where you have the embedpano() )

In var 'direction' you ask if location is diferent to parent.location. If so, it means that the tour is inside an iframe, so you give it the route for iframes. Other ways you give it the route for the non iframe.

In the embedpano(), inside initvars you create a variable (BASEDIRPANOS) and give it the value of 'the var 'direction'

Zitat

var direction = window.location !== window.parent.location ? 'iframerute' : 'panosrute'
embedpano({
....
initvars: {
BASEDIRPANOS:direction,
},
....
})
in tour.xml you have to repalace the normal 'panos/' with this initvar like this: %$BASEDIRPANOS%

Zitat


<scene name="scene_01" title="scene_01" onstart="" thumburl="%$BASEDIRPANOS%/shutterstock_1806442003.tiles/thumb.jpg" lat="" lng="" heading="">

<control bouncinglimits="calc:image.cube ? true : false" />
<view hlookat="0.0" vlookat="0.0" fovtype="MFOV" fov="120" maxpixelzoom="2.0" fovmin="70" fovmax="140" limitview="auto" />
<preview url="%$BASEDIRPANOS%/shutterstock_1806442003.tiles/preview.jpg" />
<image>
<cube url="%$BASEDIRPANOS%/shutterstock_1806442003.tiles/%s/l%l/%v/l%l_%s_%v_%h.jpg" multires="512,640,1280,2560" />
</image>

</scene>
And that's it!
If you want to block all the content, use the same logic with the whole krpano embedpano({...}) with an if function.

Zitat

if ( window.location === window.parent.location) {
embedpano({
....
})
}

* i don't know if this is a crossbrwoser solution

klaus.krpano

Administrator

Beiträge: 13 499

  • Nachricht senden

3

Dienstag, 17. Mai 2022, 14:20

Hi,

there are multiple ways, but if just blocking is your intention, then you could also just use the protect tool - it has this option:

Zitat

[x] Block viewer embedding into external (cross-domain) iframe

When enabled, embedding into other domains will not work and shown an error.

Best regards,
Klaus

PelicanMedia

Anfänger

  • »PelicanMedia« ist der Autor dieses Themas

Beiträge: 10

Wohnort: Colchester, Essex, UK

  • Nachricht senden

4

Freitag, 20. Mai 2022, 10:54

Hi both,

Thanks very much for the 2 options.
After speaking with my MD we've gone with the outright block (Klaus' option). Difficult client ;-)

Handy to know noupunt's method for future reference.

Thanks again

Ähnliche Themen