I have a generic question which I am trying to get a bit of information on.
I have a server and on this server I have a webform which submits to an API.
A third party company has a server and they need to host my form. As such, they IFrame my form into their page.
Is there any possible way for the third party company to obtain the data entered into the form contained within the iframe? Will their Apache logs record the data? Can they do something on their server which can help them get data?
My server is secure, it wont allow CORS or anything of this sort. The question is whether they can do anything their side to obtain the inputted data?
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 做个烂人 的文章《IFrame security and CORS》','https://www.manongdao.com/article-397219.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}