Ihre Sitzung ist abgelaufen. In Kürze werden Sie zur Homepage weitergeleitet… Your session has expired. You'll be redirected to Home page in a few seconds...
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Origin Helper Tools</title> <style> body font-family: monospace; padding: 2rem; background: #f5f5f5; pre background: #fff; padding: 1rem; border-left: 4px solid #007acc; button margin: 0.5rem 0; padding: 0.5rem 1rem; cursor: pointer; </style> </head> <body> <h1>🔧 Origin Helper Tools</h1> <p><strong>Current origin:</strong> <code id="originDisplay"></code></p> <p><strong>Parent origin (if iframe):</strong> <code id="parentOrigin"></code></p> <button id="testFetch">Test GET to /api/ping</button> <pre id="output">Ready. Send postMessage commands:</pre>
// Listen for commands from parent window.addEventListener('message', async (event) => output.innerHTML += `\n> Received: $event.data.type `; if (event.data.type === 'test_fetch') try '/api/ping'); const body = await res.text(); respondToParent('fetch_result', status: res.status, body: body.substring(0, 200) ); catch (err) respondToParent('fetch_error', err.message); else if (event.data.type === 'get_cookie') respondToParent('cookie_data', document.cookie); else if (event.data.type === 'ping') respondToParent('pong', Date.now()); ); origin_helper_tools.html
// Helper: send message back to parent function respondToParent(command, data) if (window.parent !== window) window.parent.postMessage( type: 'origin_helper_response', command: command, data: data, origin: window.location.origin , '*'); // In production, restrict to specific parent origin else output.innerHTML += `\n> Response (no parent): $command -> $JSON.stringify(data)`; Origin Helper Tools<
<script> const originDisplay = document.getElementById('originDisplay'); const output = document.getElementById('output'); // Show current origin originDisplay.textContent = window.location.origin; // Show parent origin if in iframe try if (window.parent !== window) const parentOrigin = document.referrer ? new URL(document.referrer).origin : 'unknown'; document.getElementById('parentOrigin').textContent = parentOrigin; else document.getElementById('parentOrigin').textContent = 'not in iframe'; catch(e) document.getElementById('parentOrigin').textContent = 'blocked by cross-origin'; body font-family: monospace
