Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Unsafe JavaScript attempt to access frame with URL

I have a page with an Iframe and a Javascript from Iframe that access to a function of parent frame. The pages are on the same server (it's not cross domain scripting), I'haven't any problem with FF and IE but when I use it on Chrome I have the message below.

Unsafe JavaScript attempt to access frame with URL http://samedomain:51700/irj/servlet/prt/portal/prtroot/CRMApp73.StoricoApp from frame with URL http://samedomain:51700/irj/servlet/prt/portal/prtroot/CRMApp73.CRMOProxy. Domains, protocols and ports must match.

How can I solve this issue? I search by google since 4 hours. I hope someone can help me.

EDIT: code

This is the JavaScript in the iframe page. This JavaScript call a parent frame Javascript function "setUfficioPostale". This is the point where Chrome give me "Unsafe Access..." error.

<script>
    window.parent.setUfficioPostale(map);
</script>

This is the Javascript in the parent frame for form submitting. This is for sending hidden form with hidden params to a page loaded in iframe.

function onAltroUfficioClick(){
    document.getElementById("hiddenParams").submit();
    $('#framePosteMaps').show();
}

This is the iframe definition in the parent page.

<iframe id="framePosteMaps" scrolling="no" name="framePosteMaps"></iframe>

This is the form with target attribute to send parameters to iframe page.

<form id="hiddenParams" target="framePosteMaps" action="http://samedomain:51700/irj/servlet/prt/portal/prtroot/TestFrameRC.SimPerProxy" method="POST">
    <input type="hidden" name="distanza" value="10">
    <input type="hidden" name="cliente" value="Retail">
    ....................
</form>
like image 708
jRicca Avatar asked Sep 06 '11 10:09

jRicca


3 Answers

The Chrome don't allow you to do that. Code from Iframe cannot access parent code.

like image 101
szanata Avatar answered Nov 15 '22 17:11

szanata


First, check that both pages are being referenced using the SRC attr of the iframe in exactly the same way, I mean:

http://samedomain:51700/irj/
http://samedomain:51700/irj/

beacause it is possible, that even if they are running in the same machine, one of those iFrames is called like:

http://localhost:51700/irj/

and the other:

http://MachineId:51700/irj/

or any other combination.

You can check it by inspecting the code with the Developer tools in all modern browsers.

Chrome allows you to call parent's function if they are in the same domain (I do it everyday), so there shouldnt be any problem.

I use this function to acces children iFrames:

var getIframe = function (id) {
    if ($.browser.mozilla) return document.getElementById(id).contentWindow;
    return window.frames[id];
};

and just "parent.yourParentFunction()" when you want to access a function in the parent.

Check that the parent's function is assigned to the Window object (global namespace)

Good luck with that :-)

like image 41
ChangePictureWeekly Avatar answered Nov 15 '22 18:11

ChangePictureWeekly


The parent frame may have set a document.domain value different from "samedomain". Update the document.domain property in the iframe js to the value set in the parent frame and it should work.

like image 43
X_Cli Avatar answered Nov 15 '22 19:11

X_Cli