不安全的 JavaScript 尝试使用 URL 访问框架
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7318788/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Unsafe JavaScript attempt to access frame with URL
提问by jRicca
I have a page with an Iframe and a Javascript from Iframe that access to a function of parent frame. The pages are on the same server (it's not cross domain scripting), I'haven't any problem with FF and IE but when I use it on Chrome I have the message below.
我有一个带有 Iframe 和来自 Iframe 的 Javascript 的页面,可以访问父框架的功能。这些页面在同一台服务器上(它不是跨域脚本),我对 FF 和 IE 没有任何问题,但是当我在 Chrome 上使用它时,我收到以下消息。
Unsafe JavaScript attempt to access frame with URL http://samedomain:51700/irj/servlet/prt/portal/prtroot/CRMApp73.StoricoAppfrom frame with URL http://samedomain:51700/irj/servlet/prt/portal/prtroot/CRMApp73.CRMOProxy. Domains, protocols and ports must match.
不安全的JavaScript尝试访问框架与URL 的http://导航特殊:51700 / IRJ / servlet的/ PRT /门/ prtroot / CRMApp73.StoricoApp从框架与URL 的http://导航特殊:51700 / IRJ / servlet的/ PRT /门/ prtroot /CRMApp73.CRMOProxy。域、协议和端口必须匹配。
How can I solve this issue? I search by google since 4 hours. I hope someone can help me.
我该如何解决这个问题?我从 4 小时开始用谷歌搜索。我希望有一个人可以帮助我。
EDIT: code
编辑:代码
This is the JavaScript in the iframe page. This JavaScript call a parent frame Javascript function "setUfficioPostale". This is the point where Chrome give me "Unsafe Access..." error.
这是 iframe 页面中的 JavaScript。此 JavaScript 调用父框架 Javascript 函数“setUfficioPostale”。这就是 Chrome 给我“不安全访问...”错误的地方。
<script>
window.parent.setUfficioPostale(map);
</script>
This is the Javascript in the parent frame for form submitting. This is for sending hidden form with hidden params to a page loaded in iframe.
这是用于表单提交的父框架中的 Javascript。这是用于将带有隐藏参数的隐藏表单发送到 iframe 中加载的页面。
function onAltroUfficioClick(){
document.getElementById("hiddenParams").submit();
$('#framePosteMaps').show();
}
This is the iframe definition in the parent page.
这是父页面中的 iframe 定义。
<iframe id="framePosteMaps" scrolling="no" name="framePosteMaps"></iframe>
This is the form with target attribute to send parameters to iframe page.
这是带有 target 属性的表单,用于将参数发送到 iframe 页面。
<form id="hiddenParams" target="framePosteMaps" action="http://samedomain:51700/irj/servlet/prt/portal/prtroot/TestFrameRC.SimPerProxy" method="POST">
<input type="hidden" name="distanza" value="10">
<input type="hidden" name="cliente" value="Retail">
....................
</form>
回答by szanata
The Chrome don't allow you to do that. Code from Iframe cannot access parent code.
Chrome 不允许你这样做。Iframe 中的代码无法访问父代码。
回答by ChangePictureWeekly
First, check that both pages are being referenced using the SRC attr of the iframe in exactly the same way, I mean:
首先,检查两个页面是否以完全相同的方式使用 iframe 的 SRC attr 被引用,我的意思是:
http://samedomain:51700/irj/
http://samedomain:51700/irj/
beacause it is possible, that even if they are running in the same machine, one of those iFrames is called like:
因为有可能,即使它们在同一台机器上运行,其中一个 iFrame 被称为:
http://localhost:51700/irj/
and the other:
和另一个:
http://MachineId:51700/irj/
or any other combination.
或任何其他组合。
You can check it by inspecting the code with the Developer tools in all modern browsers.
您可以通过在所有现代浏览器中使用开发人员工具检查代码来检查它。
Chrome allows you to call parent's function if they are in the same domain (I do it everyday), so there shouldnt be any problem.
Chrome 允许你调用父函数,如果它们在同一个域中(我每天都这样做),所以应该没有任何问题。
I use this function to acces children iFrames:
我使用此功能访问子 iFrame:
var getIframe = function (id) {
if ($.browser.mozilla) return document.getElementById(id).contentWindow;
return window.frames[id];
};
and just "parent.yourParentFunction()" when you want to access a function in the parent.
当您想访问父级中的函数时,只需“parent.yourParentFunction()”即可。
Check that the parent's function is assigned to the Window object (global namespace)
检查父的函数是否分配给了 Window 对象(全局命名空间)
Good luck with that :-)
祝你好运:-)
回答by X_Cli
The parent frame may have set a document.domain value different from "samedomain". Update the document.domain property in the iframe js to the value set in the parent frame and it should work.
父框架可能设置了一个与“samedomain”不同的 document.domain 值。将 iframe js 中的 document.domain 属性更新为父框架中设置的值,它应该可以工作。
