当前位置:theitroad>Javascript Uncaught SecurityError: Blocked a frame with origin ... from access a frame with origin

Javascript Uncaught SecurityError: Blocked a frame with origin ... from access a frame with origin

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/28284765/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-08-23 01:33:18  来源:igfitidea点击:

Uncaught SecurityError: Blocked a frame with origin ... from accessing a frame with origin

javascriptsecurityiframesame-origin-policy

提问by Stranded Kid

I've made a component for an SAP solution (whatever) that is embedded into a report through an iframe. After I deployed the report on an SAP plateform (BO), I got this error (on Chrome, but does not work on IE or FF either):

我为 SAP 解决方案(无论什么)制作了一个组件,该组件通过 iframe 嵌入到报告中。在 SAP 平台 (BO) 上部署报告后,出现此错误(在 Chrome 上,但在 IE 或 FF 上也不起作用):

Uncaught SecurityError: Blocked a frame with origin "http://support.domain.com" from accessing a frame with origin "http://support.domain.com". The frame requesting access set "document.domain" to "domain.com", but the frame being accessed did not. Both must set "document.domain" to the same value to allow access.

The iframe is embedded into my component so it's suppose to run on the same domain with same port than report.

iframe 嵌入到我的组件中,因此它应该在具有相同端口的同一个域上运行而不是报告。

I found this poston SO and this one, but it does not really helped me to understand what I need to do.

我在 SO 和 this one上找到了这篇文章,但它并没有真正帮助我理解我需要做什么。

Is there a way to get rid of this, or at least work around this ? Thanks :).

有没有办法摆脱这个,或者至少解决这个问题?谢谢 :)。

EDIT:

编辑:

Host Page URL : http://support.domain.com/BOE/OpenDocument/opendoc/openDocument.jsp?sIDType=CUID&iDocID=AbmffWLjCAlFsLj14TjuDWg

主机页面 URL:http: //support.domain.com/BOE/OpenDocument/opendoc/openDocument.jsp?sIDType=CUID&iDocID= AbmffWLjCALFsLj14TjuDWg

URL of the file calling a property on the iframe (and generating the error) : http://support.domain.com/BOE/OpenDocument/1411281523/zenwebclient/zen/mimes/sdk_include/com.domain.ds.extension/res/cmp/js/component.js

调用 iframe 上的属性(并生成错误)的文件的 URL:http: //support.domain.com/BOE/OpenDocument/1411281523/zenwebclient/zen/mimes/sdk_include/com.domain.ds.extension/res /cmp/js/component.js

URL of the frame : http://support.domain.com/BOE/OpenDocument/1411281523/zenwebclient/zen/mimes/sdk_include/com.domain.ds.extension/res/cmp/js/map/js/map.html

框架的网址:http: //support.domain.com/BOE/OpenDocument/1411281523/zenwebclient/zen/mimes/sdk_include/com.domain.ds.extension/res/cmp/js/map/js/map.html

The iframe embed itself some script tag, I can see everything loading fine in the Network tag of the console.

iframe 嵌入了一些脚本标签,我可以看到在控制台的 Network 标签中一切正常。

Maybe it can help.

也许它可以提供帮助。

EDIT 2 :

编辑 2:

I just realized SAP report is itself embedded into an iframe. That means my iframe is within an iframe, that might be the issue. Still, when lauching the report from Eclipse, everything is working.

我刚刚意识到 SAP 报告本身嵌入到 iframe 中。这意味着我的 iframe 在 iframe 内,这可能是问题所在。尽管如此,当从 Eclipse 启动报告时,一切正常。

回答by Stranded Kid

I've finally found a solution.

我终于找到了解决办法。

The top of my iframe had a domain.locationset to domain.comand my iframe a domain.locationset to support.domain.com.

我的 iframe 顶部的domain.location设置为domain.com,我的 iframe 的domain.location设置为support.domain.com

Event though I still think that both belong to the same domain, browsers don't like it it seems so.

事件虽然我仍然认为两者属于同一个域,但浏览器似乎不喜欢它。

Re-setting the domain.locationdid the work.

重新设置domain.location完成了工作。

To answer the ones asking about how to re-set location.domain, here is the snippet of code my team used to use. This is quite old (2y ago), not really optimized and we do not use it anymore, but I guess it's worth sharing. Basically, what we were doing is load the iframewith passing it top domain in the URL parameters.

为了回答有关如何重新设置的问题location.domain,这里是我的团队曾经使用的代码片段。这是很旧的(2 年前),没有真正优化,我们不再使用它,但我想它值得分享。基本上,我们所做的是加载iframe并在 URL 参数中传递顶级域。

var topDomain = (function handleDomain(parameters) {
        if (typeof parameters === "undefined") {
            return;
        }
        parameters = parameters.split("&");
        var parameter  = [],
            domain;
        for (var i = 0; i<parameters.length; ++i) {
            parameter.push(parameters[i]);
        }
        for (var j = 0; j<parameter.length; ++j) {
            if (parameter[j].indexOf("domain") > -1) {
                domain = parameter[j];
                break;
            }
        }
        if (typeof domain !== "undefined") {
            domain = domain.split("=");
            return domain[1];
        }
        return; 
    })(window.location.search),
    domain = document.domain;

if (domain.indexOf(topDomain) > -1 && domain !== topDomain) {
    document.domain = topDomain;
}

相关推荐

Javascript 如何从异步函数抛出异常

Javascript 如何从异步函数抛出异常

Javascript 如何使用 jQuery 禁用文本选择?

Javascript 如何使用 jQuery 禁用文本选择?

Javascript 如何在javascript中获取redis中的所有键和值?

Javascript 如何在javascript中获取redis中的所有键和值?

如何通过 JavaScript 设置表单动作?

如何通过 JavaScript 设置表单动作?

相关推荐
最近更新
标签