>So I can have a frame load up amazon.com and check if they're on the page >where they put in the credit card information and do the following: a. >read the information from the fields directly (would have check it every >few seconds and submit to the home server through ajax or something)
This is called cross-frame scripting and you can not use JS to read in the contents of another frame on another domain. There are some very strict guidelines as to what can be done between frames when JS is involved. The problem is, what most thieves do is just create a page that looks just like the Amazon page and use spoofed url (which looks legit, ie http://www.amazon.com:[EMAIL PROTECTED]/.) This is called phishing and is much more common and affective. -Dan ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:229974 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
