Iframe dark magic... dont try this at work

victordcq · March 29, 2022, 10:48am

WARNING
Soo… this has the potential to break the designer (if you press preview), so be careful about the dark magic i am about to share…

But it has the great power to code html and even javascript in perspective!

BEHOLD:

iframe src can render strings as html!
data:text/html,<button onclick=alert('MAGIC')>Magic</button>

It works with <script> BUT this seems to freeze the designer if you press preview mode.

You cant communicate with the components outside the iframe (i think cuz its an iframe afterall, unless perspective has a window message handler that can be called in js) , but still might be some fun things to try with this

tamerplc · March 29, 2022, 12:19pm

Thanks a lot Victor , it’s a magic . i just test and try to play with this trick .
Thanks again

andrews · March 29, 2022, 6:11pm

I didn't fully read but though this thread might be worthy of a read Html code as IFRAME source rather than a URL - Stack Overflow

victordcq · March 30, 2022, 6:49am

Unfortunatly the things said in stackoverflow cant be used in perspective, as they require html/js access