English:

Finally I finished working on my first DNN-Module. I know there are already some iFrame modules, but since all of them do have certain restrictions (functional range, costs...), I decided to develop one more iFrame-Module.

Below, I'll summarize epiFrame's functional range:

1)Automatic size adjustment: The iFrame size will be adjusted automaticly according to it's content. It can be chosen, wheter only height (Oversized content results in vertical scrollbars - a good decission on pages with fixed width) or both, height and width (page will be stretched), should be adjusted automaticly.

The adjustment of size does not only occur when loading the page for the first time, but also when browserwindow is resized or iFrame's content gets changed dynamicly.

The only restriction is "Cross Domain Scripting", which is denied for security reasons. So autoresize doesn't work (the same for Autosize Frame Module by DNNSpired), if shown content is from another domain. This leads to the next problem: Most likely the target page does contain external links. Showing the link target inside the iFrame would break it's autoresize feature and furthermore it's also critical due to copyright. For solving that problem, every external link not opening a new browserwindow will be pointed to the main browserwindow instead of the iFrame. This works fine, but I Found no way to touch dynamic javascript links (<a href="javascript:...), it could happen anyway, that the iFrame shows external content. In such case, the user will be brought back to the last local page and a message will be shown, explaining what has happend and asking the user to manually enter the target-address. I know, that this is not the best solution, but I didn't find another way... probably, you can give me some advice???

2) When sites from other domains should be shown anyway (check copyright of external page), automatic resize will be deativated, but epiFrame still offers an extended feature range (self-evidently, this they can also be used, when the shown page is from the own domain): The source-string can contain placeholders, which will be replaced by there corresponding values on runtime. At the moment, following placeholders are supported:

- [Username]
- [UserId]
- [PortalId]
- [epiFrame] - is replaced by the value of a querystring parameter having the same name as the placeholder(e.g. http://localhost/dnn/test/tabid/64/Default.aspx?epiFrame=test)
- [epiFrame_<unique name>] - the same as [epiFrame], but alows an unlimited number of own placeholders by replacing <unique name> with a combination of letters and digits.

Now you can also review the list of avaible placeholders on the Edit epiFrame page: There's a dropdownlist showing all placeholders.

When requested, more placeholders can be added without any problems - just tell me what you need, but please keep in mind, that those placeholders are a potential security risk: The current values are added to the generated HTML-Code in plaintext. When transmitting those values, they are also plaintext. So if you demand for adding the placeholder [PWD], I'll have to think about it very intensively! In such a case, asynchronous encryption would be usefull, but this exceeds my skills.

3) There's an option to turn on "EpiSrc", which means you will be enabled to change the iFrame target through two querystring params (epiSrc, epiSrc_<ModuleId>): For example your querystring could be http://localhost/dnn/test/tabid/64/Default.aspx?epiSrc=http://localhost/dnn/cs/ (also [...].aspx?epiSrc=/dnn/cs/). epiSrc_<ModuleId> does the same, with exception, that it only affects one epiFrame-module with an specific ModuleId - usefull, if there are several epiFrame modules on your page.

You should be aware of the fact, that enabling this option is a potential security risk - especially, when "Block external content" isn't activated. Even "Block external content" doesn't offer real security, since it needs a browser supporting javascript to work properly. For security reasons placeholders are not allowed in those querystring params!

4) "Show Url" will change the page querystring shown in the browser addressbar, depending on the page being currently shown in the iFrame (does only work when "EpiSrc" ist enabled, too)! The generated querystring influenced by the "Friendly Url" setting. The result looks as follows:

- Friendly Urls turned on: http://localhost/dnn/test/tabid/64/epiSrc_415/http%5E3A%5E2F%5E2Flocalhost%5E2Fdnn%5E2Fcs%5E2F/Default.aspx
- Friendly Urls turned off: http://localhost/dnn/Default.aspx?tabid=64&epiSrc_415=http://localhost/dnn/cs/
- Friendly Urls turned on, Relative Urls turned on: http://localhost/dnn/test/tabid/64/epiSrc_415/%5E2Fdnn%5E2Fcs%5E2F/Default.aspx
- Friendly Urls turned on, Relative Urls turned on: http://localhost/dnn/Default.aspx?tabid=64&epiSrc_415=/dnn/cs/

5) The module has versatile settings. for example you can deeply influence the behavior of the autoresize feature. You can receive further information about each option by clicking on the questionmark infront of the option title!

6) Errors can always occur and especially on the internet this is a real problems, since you never know which client is used by the user. For that reason it could e.g. happen, that iFrames are not supported or some javascript functions are causing trouble. Should such a case occur, a corresponding message will be shown, that does also offer a link pointing to an alternative address.

7) Last but not least: The module is free and opensource. It's written entirely in C# and Javascript (Clientside) and is avaiable as a Sharpdevelop-project ( http://www.sharpdevelop.net/OpenSource/SD/ ).

At the moment epiFrame is still a beta version. There could be errors in it and therefor I want to ask everyone showing interest to the module for testing it and giving feedback. Feature requests are also welcome!

You will notice, that the module localization is complete, but language is far from good! Sorry, it'll be fixed...

Download:

Please take a look at the changelog in Post #1!

epiFrame [00.10.03]
epiFrame Src [00.10.03]

older Versions (both Module & Source)



Deutsch:

Endlich habe ich mein erstes Modul fertiggestellt. Da es zwar schon einige iFrame-Module gibt, aber alle gewisse Einschränkungen aufweisen (Funktionsumfang, Kosten...), habe ich mich an die Entwicklung eines weiteren Moduls gemacht.

Im Folgenden will ich die Funktionen kurz zusammenfassen:

1) Automatische Größenanpassung: Die Größe des Frames wird automatisch an die des Inhalts angepasst. Dabei hat man die Auswahl, ob nur die Höhe des iFrame angepasst wird und im Zweifelsfall vertikale Scrollbalken angezeigt werden sollen (z.B. der Fall bei übergroßen Bildern, die keinen Zeilenumbruch zulassen) oder ob in einem solchen Fall die gesamte Seite ausgedeht werden soll.

Die Größenanpassung findet nicht nur beim ersten Laden der Seite statt, sondern ebenfalls sobald die Größe des Browserfensters geändert oder der Inhalt des iFrame dynamisch verändert wird.

Die einzige Einschränkung stellt "Cross Domain Scripting" dar, also domainübergreifende Scriptaktionen, welche aus Sicherheitsgründen (zurecht) unterbunden werden. Für das epiFrame Modul (sowie auch das AutoSize Frame von DNNSpired) gilt daher die Einschränkung, das die automatische Größenanpassung des iFrames nur dann funktioniert, wenn die angezeigte Seite auf der selben Domain liegt, wie Dotnetnuke. Das sorgt natürlich für ein gewisses Problem, da die angezeigte Seite höchstwahrscheinlich auch externe Links enthält. Um dieses Problem zu umgehen und gleichzeitig urheberrechtliche Probleme zu umgehen (fremde Seiten dürfen/sollen nicht in einem Frame eingebunden werden) werden alle externen Links, die kein neues Browserfenster öffnen, auf das gesamte Browserfenster verwiesen. Da diese Funktion keinen Einfluss auf dynamische Links (<a href="javascript:...) hat, könnte es dennoch vorkommen, das eine fremde Seite im Frame dargestellt wird. In einem solchen Fall wird die letzte lokale Seite erneut aufgerufen und dem Benutzer wird ein Hinweise angezeigt, dass er die Zieladdresse doch bitte manuell in die Addressleiste eingeben möge. Mir ist bewusst, dass dies nicht gerade die eleganteste Lösung ist, aber ich habe keinen anderen Weg gefunden... evtl. habt ihr noch einen Tipp für mich???

2) Wenn Seiten externer Domains angezeigt werden sollen (kann bei falscher Verwendung das Urheberrecht Dritter verletzen), ist zwar die automatische Größenanpassung zwangsweise deaktiviert, aber auch in diesem Fall bietet das iFrame noch einen erweiterten Funktionsumfang (funktioniert natürlich auch bei Seiten der eigenen Domain): In der Quellenangabe können Platzhalter verwendet werden, die dynamsich durch den entsprechenden Wert ersetzt werden. Momentan werden folgende Platzhalter unterstützt:

- [Username]
- [UserId]
- [PortalId]
- [epiFrame] - wird durch den Wert des gleichnamigen Querystring Parameter ersetzt (z.B. http://localhost/dnn/test/tabid/64/Default.aspx?epiFrame=test)
- [epiFrame_<unique name>] - funktioniert wie [epiFrame], ermöglicht aber eine unbegrenzte Anzahl eigener Platzhalter, indem <unique name> durch eine beliebige Kombination aus Buchstaben und Zahlen ersetzt wird.

Die Liste der zur Verfügung stehenden Platzhalter wird nun ebenfalls in Form einer Dropdownlist in den epiFrame Einstellungen gezeigt.

Das Hinzufügen weiterer Platzhalter stellt überhaupt kein Problem dar - ihr müsst nur eure Wünsche äußern. Beachtet dabei aber immer, dass diese Platzhalter ein gewisses Sicherheitsrisiko darstellen: Die Daten werden unverschlüsselt in den HTML-Code eingebaut und auch auf diese Weise übertragen. Falls mich jetzt also jemand bittet z.B. den Platzhalter [Pwd] hinzuzufügen werde ich mir das gründlich überlegen! In einem solchen Fall wäre eine asynchrone Verschlüsselung angebracht, die meine Fähigkeiten jedoch übersteigt.

3) In den Einstellungen kann die Funktion "EpiSrc" aktiviert werden. Dadurch lässt sich die im iFrame dargestellte Seite zusätzlich durch zwei Querystring-Parameter (epiSrc, epiSrc_<ModuleId>) bestimmen: So könnte der Querystring z.B. http://localhost/dnn/test/tabid/64/Default.aspx?epiSrc=http://localhost/dnn/cs/ lauten (auch [...].aspx?epiSrc=/dnn/cs/ möglich). epiSrc_<ModuleId> erfüllt den selben Zweck, beeinflusst jedoch nur das Modul mit der passenden ModuleId - nützlich, wenn sich mehrere epiFrame-Module auf einer Seite befinden.

Man sollte sich jedoch klar sein, dass diese Funktion ein potentielles Sicherheitsrisiko darstellt - insbesondere dann, wenn die Funktion "Block external content" deaktiviert ist. Aber auch "Block external content" bietet keine 100%ige Sicherheit, da sie einen javascriptfähigen Browser vorraussetzt! Aus Sicherheitsgründen wurde die Verwendung von Platzhaltern bei Seitenausrufen über epiSrc deaktiviert!

4) Die Funktion "Zeige Url" lässt die aktuell dargestellte Seite in die Addresse der Mutterseite einfließen (funktioniert nur, wenn "EpiSrc" aktiviert ist). Es wird dabei beachtet, ob Friendly URLs aktiviert sind. Das Ergebnis sind dann folgendermaßen aus:

- Friendly URLs aktiviert: http://localhost/dnn/test/tabid/64/epiSrc_415/http%5E3A%5E2F%5E2Flocalhost%5E2Fdnn%5E2Fcs%5E2F/Default.aspx
- Friendly URLs deaktiviert: http://localhost/dnn/Default.aspx?tabid=64&epiSrc_415=http://localhost/dnn/cs/
- Friendly URLs aktiviert, Relative Pfadangaben aktiviert: http://localhost/dnn/test/tabid/64/epiSrc_415/%5E2Fdnn%5E2Fcs%5E2F/Default.aspx
- Friendly URLs deaktiviert, Relative Pfadangaben aktiviert: http://localhost/dnn/Default.aspx?tabid=64&epiSrc_415=/dnn/cs/

5) Das Modul besitzt vielfältige Einstellungsmöglichkeiten. So kann man z.B. auf das Verhalten der Autoresize Funktion starken Einfluss ausüben. Zu den jeweiligen Optionen sind detaillierte Beschreibungen vorhanden. Sie werden durch Klick auf das Fragezeichen vor der jeweiligen Einstellung angezeigt!

6) Fehler können jederzeit unerwartet auftreten und gerade beim Medium Internet ist auch nie sicher, welchen Client der Benutzer verwendet. Aus diesem Grund könnte es vorkommen, dass iFrames nicht untersützt werden oder die Javascript-Funktionen Schwierigkeiten bereiten. Sollte ein solcher Fall eintreten, wird ein entsprechender Hinweis eingeblendet, in welchem auch immer ein Link angeboten, der auf eine alternative Addresse verweist.

7) Das beste zuletzt: Das Modul ist gratis und auch der Source-Code steht zur Verfügung. Das Modul ist in C# und Javascript (Clientside) geschrieben und liegt als Sharpdevelop-Projekt ( http://www.sharpdevelop.net/OpenSource/SD/ ) vor.

Momentan handelt es sich noch um eine Testversion. Es könnten also noch Fehler vorhanden sein und daher möchte ich euch bei Interesse an dem Modul bitten,ein wenig zu testen und mir entsprechendes Feedback zu geben. Auch Wünsche sind willkommen!

Insbesondere sollte daraufhingewiesen werden, dass zwar sowohl die deutsche, als auch die englische Lokalisierung vollständig, aber seitens der Sprache alles andere als gelungen sind. Bei Zeiten werde ich diesen Punkt verbessern...

Download:

Bitte Changelog in Antwort #1 beachten!

epiFrame [00.10.03]
epiFrame Src [00.10.03]

older Versions (both Module & Source)

Changelog:

00.10.03

- Bugfix: Now ShowUrl supports relative URLs
- Bugfix: Now ShowUrl works correctly on IE
- Bugfix: Change javascript error on IE does no longer occur

- Known issue: Some pages (e.g. DotNetNuke-Portals) break the autoresize feature, when being viewed with FF1.5B1 (Can't fix this until Venkman, a javascript debugger, is working together with this firefox beta release)
- Known issue: Two epiFrames Modules on one page doesn't work at the moment. I thought of this problem before writing the module, but somehow forgot about it... Now it ended up in a general (javascript) design problem (and there's a lot of javascript code), which prevents several modules on one page! Therefor it will take a while to fix this problem...

00.10.02:

- Added support for relative Urls (Validator excepts them now and showUrl makes use of them)
- Added: epiSrc now supports relative URLs, but also absolute URLs
- Added option: You can force showUrl to use relative URLs. Furthermore it will use relative URLs by default, if a relative URL is supplied as Src or AltSrc and temporary, when you supply a relative URL by using [epiSrc] or [epiSrc_<ModuleId>].
- fixed bug: http:// should not be appended to [epiFrame] and [epiFrame_<unique name>]

00.10.01:

- Bugfix: Module does not work for anonymous users

00.10.00:

!!!Doesn't work pretty well!!!

- Added epiFrame placeholders
- Added epiSrc function
- Added ShowUrl function
- Added clientside validation for IE
- Some bugfixes

00.09.02:

- Applied V. 00.10.01 bugfix to 00.09.01

The "replace" feature seems to be nice. I will test and I will send you some comments

Thanks for sharing it.

You should test the new version 00.10.01! 00.10.00 had some problems.

I had problems with the placeholders [UserId], [Username], [PortalId], when the user isn't logged in. UserInfo class always returns null vor [Username] (OK, I can understand this - makes sense), [UserId] returns -1 (I can understand this too), and [PortalId] returns -1 too (which I cannot understand).

epiFrame bzw. epiFrame_<unique name> should work correctly!

Thank u fo your beautiful and useful module..I want to report some problems about the module... I used the [epiFrame] placeholder like this: /dotnetnuke/url/mypage.aspx?Job=[epiFrame] and I call the page containing the module like this http://server/dotnetnuke/url/default.aspx?epiFrame=EP but in the end I dont get the parameter "EP" but the parameter " http://EP" ..Why this happens? ...That s the one problem and the second one is that in the Edit Page of the module I cannot give a relative url (without a http://  in front because you have a validation control) and when I give a full url (with a http://localhost/resturl) I get an error message about the cross domain ...and if I "uncheck" the External Domain checkbox I get a javascript error "Object undefined"...
I hope you could solve this..
Thanks again
Marirena

mxag wrote:

Thank u fo your beautiful and useful module..I want to report some problems about the module... I used the [epiFrame] placeholder like this: /dotnetnuke/url/mypage.aspx?Job=[epiFrame] and I call the page containing the module like this http://server/dotnetnuke/url/default.aspx?epiFrame=EP but in the end I dont get the parameter "EP" but the parameter " http://EP" ..Why this happens? ...That s the one problem and the second one is that in the Edit Page of the module I cannot give a relative url (without a http://  in front because you have a validation control) and when I give a full url (with a http://localhost/resturl) I get an error message about the cross domain ...and if I "uncheck" the External Domain checkbox I get a javascript error "Object undefined"... I hope you could solve this.. Thanks again Marirena

1) Ups, the first first thing is a stupid mistake I must made when implementign the epiSrc-Feature. Fixing it is no problem.

2) Indeed you can enter a Url without http:// infront, but it needs to be absolute. I'm not sure, if relative URLs will work anyhow and therefor they are blocked, but I can try to change this.

3) I can not realy reproduce your problem. You should give me some further information about you configuration: Especially I need to know the server-address of your dnn-installation and your browser-version and type!


Some information about the cross domain scripting error:

Browsers don't allow to access pages from other domains for security-reasons. Therfor I can't find out the correct size of the shown page and it's also impossible to touch the links in the target page. Since those features don't work, it is a good thing to block external pages. A cross scripting error is shown, when it's impossible to access the location property of the document shown in the iFrame.

... after turning of blocking of external domains, the page should be shown anyhow and default values will be used...

Thank u for your reply. I have solved my second problem with the module settings Table in the Database where I set the src url  /dotnetnuke/mypage.aspx and it works just fine. I use IE version 6.0 and my server address for dnn installation is http://my_server_name/dotnetnuke
I ll wait for the release with the first (1) correction .
Thanks again

Thanks for your reply. Now I know, that relative URLs are working and I'll change the validator to except them! Mmh, what about the third thing? Everything working now or not and what was the problem?

I'll try to fix everything on sunday...

mxag wrote:

I use IE version 6.0 and my server address for dnn installation is http://my_server_name/dotnetnuke

I overread this part. IE6 shouldn't cause any trouble, since I spend most of the time used for testing on FF1.0.4, FF1.0.6, FF1.5B1 (results should be the same for nearly every Gecko-based browser!), IE6 (XP-Sp2), Opera 8.0.

Probably you got the cross-domain scripting error due to the following:

Dotnetnuke is installed in http://my_first_server/dotnetnuke and the application you want to show is http://my_second_server/testapp

Anyhow, after turning off the block external domains feature, there should be no javascript error. I'll check on that...

Kabelsalat wrote:

Thanks for your reply. Now I know, that relative URLs are working and I'll change the validator to except them! Mmh, what about the third thing? Everything working now or not and what was the problem? I'll try to fix everything on sunday...

Sry, didn't find enough time today... I'll try to fix it as soon as possible!

Good morning my problem is fixed because of the relative URL. The problem was produced when I tried to write http:://my_server_name/dotnetnuke/mypage.aspx and I got the msg "You have to write a valid URL" and I changed it to http://localhost/dotnetnuke/mypage.aspx  but I got the error with the cross domain...etc..
Take your time.. Thank u for your great effort..

mxag wrote:

Good morning my problem is fixed because of the relative URL. The problem was produced when I tried to write http:://my_server_name/dotnetnuke/mypage.aspx and I got the msg "You have to write a valid URL" and I changed it to http://localhost/dotnetnuke/mypage.aspx  but I got the error with the cross domain...etc.. Take your time.. Thank u for your great effort..

...but this shows, that it should be possible to use relative urls without changing the database!

The problem is, that I can only fix the problem at home. It would be the best, if I could to this @school, but those pcs don't have the .net sdk installed :(

/edit: At the moment the following changes are made:

- "http://" isn't added to [epiFrame] (really stupid bug)
- Validator doesn't block relative URLs

Todo:
- Need to update the epiSrc feature for compatibility with relative URLs
- Need to fix the "3rd thing" (problem with external domain blocker). You said, you solved the problem for your configuration, but I'm not sure, if there's still a problem left (or it the problem was specific to your machine/module usage/whatever)... I'd really like to fix it, but I can't reproduce it!!!

Most of the changes are done now, so the next release will be soon!

@mxag: I finished changing the module. At the moment everything seems to work fine, but I'll do some more tests before release and the localization needs to be updated.  If you need the module  right now, you should send me an e-mail, pm or something else and I'll send you the module!

Changes:

- Added support for relative Urls (Validator excepts them now and showUrl makes use of them)
- Added: epiSrc now supports relative URLs, but also absolute URLs
- Added option: You can force showUrl to use relative URLs. Furthermore it will use relative URLs by default, if a relative URL is supplied as Src or AltSrc and temporary, when you supply a relative URL by using [epiSrc] or [epiSrc_<ModuleId>].
- fixed bug: http:// should not be appended to [epiFrame] and [epiFrame_<unique name>]

> New version: 00.10.02 <