A browser inside a browser

Question

Hi All:

I want to create with Asp.net a browser inside a web page, so that I can process the click events of the user (for statistics analysis).

I kwnow how to do it with Winforms but I need a full online solution, so that:

• The user open an standard browser and types in a start url.
• In this url the menus and bars of the standard browser are hidden and the user can see a "simulated browser", with standard buttons (back, reload, ...).
• From the Asp (c#) code behind this page I can start collecting click data.

Thanks in advance, and keep the good work.

Answer 1

What you want to collect (a heat map of clicks essentially) is doable, but I don't think the way you want to go about it is very feasible.

Try this out.

I think that using this kind of solution with frames, etc. is much more feasible than embedding a browser (this amounts to writing a browser that can be served up by some kind of java/silverlight technology, not trivial).

Another idea would be that since, I assume, you have the permission of your users to track their clicks, write a greasemonkey (firefox plugin) based on the javascript in the link I provided above. You could then have all users use this plugin script combination to give you their clicks.

Answer 2

I don't think browsers will allow you to do this, for the simple reason that it opens up a whole bunch of security holes. If you think about it, an attack site designed like this would be able to follow people around the net tracking their actions, stealing passwords, etc. without them even knowing it was there.

Answer 3

Web browsers are normally designed to prevent this kind of cross-site scripting vulnerability. This would only be feasible if you had the complete cooperation of all sites involved.

Answer 4

This is not so simple for a web app.

Your options are:

• Create a plugin (or Greasemonkey script) for your favorite browser to collect click data.
• JavaScript that tracks the user's cursor position. Keep in mind that this won't be reliable if your users go to other sites from within your site thanks to the fact that JavaScript doesn't work well if scripts come from different origins.

You won't be able to make a "browser" control like you can on a desktop app because browsers intentionally don't allow web sites to be that powerful.

For the "browser in a browser" effect, you can use the tag. Remember, you'll only be able to track user actions in this iframe if the source is from the the same domain as the page it's included on.

Answer 5

Cross domain scripting is impossible by client-side. For obvios security reasons, you can't even read from a frame or iframe pointing to somewhere not from your own site.

Maybe the solution here is to to build something similar to the famous PHPProxy, or PHPBrowser, in this case a "ASP.NET Proxy". Its not that hard to build, you can Google for many exemples of those little codes.

Answer 6

While I doubt you can hide the original browsers toolbars etc, you could set up a single page that does this (it certainly wouldn't handle everything though).

This page would contain a the buttons and textbox required (to make up the inner browser UI) and a placeholder that would contain the page that the user requested. Of course the page contained in the placeholder will need to have all the links replaced so that they can be tracked (I would use linkbuttons). I'm not sure how well form submits would work.

Personally I'd use a proxy if I had control of the computer.