Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Drag and drop cross domains, iframes, browsers windows

Thanks stackoverflow i solved a lot of my javascript problems, but now i stopped at the point without hope. It is hard to describe, there is clear video shows my problem with drag drop cross-domains iframe.

http://www.youtube.com/watch?v=v65mO27h75E

  • First part in Iceweasel (and FF, Opera) = iframe d&d work OK.
  • Second part in Chromium (and Chrome) = iframe d&d NOT work.

and there are links to example iframes set and iframes sources:

  • parent page: http:// msdrop.com/msdrop-jquery-test-iframe-frameset.htm
  • iframe A: http:// msdrop.com
  • iframe B: http:// nextgd.com/msdrop-jquery-test-iframe.htm

Is it Chrome bug, or security that comes under "Same origin policy"? This is strange because d&d works excellent between two windows, and want not work at all from parent window to iframe.

Thanks for suggestions. Piotr

EDIT: It's possible Chrome/Chromium security mitigation is overly broad. Issue 251718: https://code.google.com/p/chromium/issues/detail?id=251718

like image 484
user2402837 Avatar asked Jun 06 '13 17:06

user2402837


1 Answers

Now, at: http://msdrop.com/msdrop-jquery-test-iframe-frameset.htm there are 4 iframes

  • IFRAME A: the same domain as parent
  • IFRAME B: other domain
  • IFRAME C: the same domain + sandbox="allow-scripts"
  • IFRAME D: other domain + sandbox="allow-scripts"

In FF, all frames works that i expects.

In Chrome, and Chromium only on iframe A works all dragover, dragenter, dragleave, and drop events.

like image 191
user2402837 Avatar answered Oct 16 '22 20:10

user2402837