Hide domain name in page. Mirror?

Starbuck · 2010-10-02 18:17:07 UTC

I have a page hosted at DH where I want to place an IFrame that renders content from another site. More specifically, I have a Drupal site with a page where I’ve placed an IFrame to get live dynamic content from an IIS box where I’m hosting an ASP.NET app. I don’t like the idea that my dh_site.com website has an IFrame that links directly to my iis_site.com site - it’s just a little too much exposure.

So I’d like to refer to dh_site.com/othersite/page.aspx and have that and all other references to /othersite retrieve content transparently from the other domain.

Is this redirection? Mirroring? How can I set this up?

For anyone else doing something like this, another technique would be to do this:
[php]<?php
$url = “http://iis_site.com/page.aspx”;
print file_get_contents($url);
?>[/php]
The problem there is that you need to remove all wrapper tags and just render content. There will also be problems with scripts, CSS, etc. because the content is all a part of the local page. With an IFrame, all content is in a little page of its own, wrapped in HTML tags. If you use the file_get_contents method the URL isn’t exposed because the page is processed on the server and output as returned as pure text. Whereas an IFrame itself is rendered to the browser, which then follows the link back from the IFrame as another HTTP call.

I need the client to make the call for state management, callbacks, etc. I just don’t want to expose my iis_site.com in the process.

Thanks!

Starbuck · 2010-11-30 20:42:46 UTC

bump?

patricktan · 2010-12-02 10:01:18 UTC

I think what you are looking after is cloaked domain. Check DH panel --> Domains --> Manage Domains --> DNS --> Cloaked

Starbuck · 2011-09-10 01:55:18 UTC

The project requiring this functionality got put on the back-burner but it’s back up front. Thanks for your prior response Patrick. I’d be happy to hear from anyone in this renewed inquiry.

Under Manage Domains we can Add New Sub-Domain and scroll down to Cloaked. From there we get the options:
Domain to cloak and Site to display

I’m trying to understand what the limitations are. The DH wiki is inaccurate and incomplete on this topic:
http://wiki.dreamhost.com/Add_a_domain

The Domain to cloak can be anysub.primary.tld.
The Site to display works if it’s a hostname, or if a path is appended.
When used in a browser or iframe src, anything after the Domain to cloak is ignored and not passed to the server.

Example 1: Good
Where Site to Display = "http://iis.host.com:12345"
Iframe to “iis.dhdomain.com” shows the content at the root.

Example 2: Good
Where Site to Display = "http://iis.host.com:12345/Path"
Iframe to “iis.dhdomain.com” shows the content under Path.

Example 3: Bad
Where Site to Display = "http://iis.host.com:12345/Path"
Iframe to “iis.dhdomain.com/?p1=abc” shows Path content but does not pass p1=abc as the querystring nor in any header value.

Example 4: Bad
Where Site to Display = "http://iis.host.com:12345/Path"
Iframe to “iis.dhdomain.com/SubDir” returns a 404 even if /Path/SubDir has content.

I need to pass context data in the query string in the iframe src. Do I just have the format of the URL wrong? Or is some setting required on the cloak/DNS to pass more data from queries?

Any better way to approach this?
Thanks![hr]
As often happens, a solution seems to appear just after the plea for help is made.

It seems that on initial page load, the Referrer header is the Site to Display value with the full query string. After this I’m doing Ajax postbacks, where the Referrer is now the direct Domain to Cloak value. On initial load I can capture the query string and send back what I need in session state, that’s not a problem. So this issue could be solved.

However…

If that cloaked domain is exported into the browser after a postback, the whole purpose of cloaking is defeated. I’m going to apply WireShark to the transactions to see if I can see the cloaked domain in the stream, maybe even masked in ASP.NET ViewState. Then I’ll see if I can modify that on outbound responses so that everything comes back through the display hostname.

Does any of this sound familiar to anyone? Is there a standard, simpler solution to ensuring that only DH and the DNS have any view of the actual cloaked domain?

Thanks again!