 

inject script inside iframe of different domain

I was trying to inject a script inside an iframe element and tried to implement it this way. The child and parent do not belong to the same domain (I know XSS is prevented in the latest browsers). Is there any way to inject a script into the child element on a button click in the parent element? (Kind of similar to running scripts in the Chrome console.)

var myIframe = document.getElementById("myIframeId");
var script = myIframe.contentWindow.document.createElement("script");
script.type = "text/javascript";
script.src = "randomshit.js";
myIframe.contentWindow.document.body.appendChild(script);
Bhargav Krishna asked Feb 23 '13 14:02



1 Answer

Nope. Same Origin Policy dates back to Netscape 2.0.

Unless you can hack/XSS the other site's files to inject the JS, you will have a hard time.

Now if you legitimately need to communicate with the other page, and you either have control of the other page or can set it up to communicate with your server, you can use window.postMessage, JSONP or even Ajax with CORS (the latter 2 will be harder to pass dynamic content through, though). But I believe it is not the case.

Fabrício Matté answered Sep 26 '22 02:09
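
The `window.postMessage` route named in the answer, as an added example (not code from the question or the answer) for the case where you control both pages: the parent sends a named command on a button click, and the framed page checks the sender's origin and runs only commands it has allow-listed. The two origins, the `myButton` id, the `setTitle` command and all function names are assumptions; `myIframeId` is the id from the question.

```javascript
const PARENT_ORIGIN = "https://parent.example"; // constructed origin (assumption)
const CHILD_ORIGIN = "https://child.example"; // constructed origin (assumption)

// Parent side: request a named command. The explicit targetOrigin (never "*")
// means the browser drops the message if the frame now shows another origin.
function sendCommand(frameWindow, command, args) {
  frameWindow.postMessage({ type: "command", command, args }, CHILD_ORIGIN);
}

// Child side: commands the framed page chooses to expose. The parent only
// picks a name and arguments; it never supplies code to run.
function makeChildCommands(doc) {
  return {
    setTitle(text) {
      doc.title = String(text).slice(0, 80);
      return doc.title;
    },
  };
}

// Child side: "message" listener that checks the sender's origin and the
// message shape before dispatching to an allow-listed command.
function createChildHandler(allowedOrigin, commands) {
  return function onMessage(event) {
    if (event.origin !== allowedOrigin) return { ok: false, reason: "origin" };
    const msg = event.data;
    if (!msg || typeof msg !== "object" || msg.type !== "command") {
      return { ok: false, reason: "shape" };
    }
    if (!Object.prototype.hasOwnProperty.call(commands, msg.command)) {
      return { ok: false, reason: "unknown-command" };
    }
    const args = Array.isArray(msg.args) ? msg.args : [];
    return { ok: true, result: commands[msg.command](...args) };
  };
}

// Browser wiring; skipped when the file is loaded outside a browser.
if (typeof document !== "undefined") {
  const frame = document.getElementById("myIframeId"); // present on the parent page
  const button = document.getElementById("myButton"); // hypothetical button id
  if (frame && button) {
    button.addEventListener("click", () =>
      sendCommand(frame.contentWindow, "setTitle", ["Hello from parent"]));
  } else if (window.parent !== window) { // we are the framed page
    window.addEventListener("message",
      createChildHandler(PARENT_ORIGIN, makeChildCommands(document)));
  }
}
```
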
