admin管理员组

文章数量:1287246

I have a page thusly:

<html>
    <head></head>
    <body>
        <iframe src="local.html"></iframe>
        <iframe src=""></iframe>
    </body>
</html>

I've used the DOM to access the first iframe as a test (node.documentWindow) but when I try similar on the external iframe Firebug reports that access is denied.

I suspect this is for XSS protection, but is there a "safe" way to import the node so I can grab an element from that external page? Is there a way to explore the "document as rendered" or something?

Thanks!

I have a page thusly:

<html>
    <head></head>
    <body>
        <iframe src="local.html"></iframe>
        <iframe src="http://www.google."></iframe>
    </body>
</html>

I've used the DOM to access the first iframe as a test (node.documentWindow) but when I try similar on the external iframe Firebug reports that access is denied.

I suspect this is for XSS protection, but is there a "safe" way to import the node so I can grab an element from that external page? Is there a way to explore the "document as rendered" or something?

Thanks!

  • javascript
  • html
  • dom
  • iframe
  • xss
Share Improve this question edited Jun 26, 2015 at 13:25 Leandro Santiago Gomes 1471 gold badge4 silver badges11 bronze badges asked Mar 3, 2010 at 20:30 Alex McpAlex Mcp 19.3k12 gold badges61 silver badges94 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 13

Nope. Cross domain security prevents this. The only way around is if the surrounding page, and the iframe, are on different subdomains on the same domain. In that case, you can use document.domain.

This is pretty much a given. Imagine the security implications if this were not the case. You could build an iframe containing a user's home banking page, and grab their password using keydown, for example. There's tons of possibilities of misuse.

本文标签: htmlHow can you access an external iframe39s contents via the DOMJavascriptStack Overflow

版权声明:本文标题:html - How can you access an external iframe&#39;s contents via the DOMJavascript? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741232803a2362415.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。