So I am currently working on merging an old legacy system into a new system. The system loads a .HTML file in an iFrame using an API proxy.
That is secure and nailed down. The only issue is within the .HTML file none of the assets have the token. So when it tries to load an image it looks like this (without a token).
Is there anyway of intercepting each request between the iFrame and the endpoint to add the token to it?
I am using Laravel/PHP but it doesn’t really matter just as long as the solution is in PHP or JS.