Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Content from crossdomain iframe empty? #34

Closed
denyo opened this issue May 8, 2013 · 3 comments
Closed

Content from crossdomain iframe empty? #34

denyo opened this issue May 8, 2013 · 3 comments
Labels
bug

Comments

@denyo
Copy link

denyo commented May 8, 2013

Hello,
first of all, thanks for that great module. Really makes life easier!

However I have some trouble retrieving the content from the iframe. The thing is that my application is talking to a RESTful PHP backend on a different domain. For all the ajax calls I use withCredentials = true.
So when I name that same backend for the action inside my form the iframe is populated with the correct contents but they can't be retrieved because of this error:

Unsafe JavaScript attempt to access frame with URL https:/backend.com 
from frame with URL http://frontend.com. The frame requesting access  
has a protocol of 'http', the frame being accessed has a protocol of  
'https'. Protocols must match.

To avoid this I already tried to redirect the whole request to a php file on the frontend domain which then saves the file and sends a new request to the backend. But with this method my sessions on the backend are not there anymore.

I'd appreciate any help.

Kind regards,
Denyo
@twilson63
Copy link
Owner

@denyo,

Hey thanks, I am glad the directive is coming handy. As far as your question, I do not know much about this issue, but did fine this on SO -> http://stackoverflow.com/questions/4324108/unsafe-javascript-attempt-to-access-frame-with-url

It may help, if it does not, you may want to see if you can proxy the request through your frontend.com so that both the parent and frame are from the same domain.

Thanks

Tom

@denyo
Copy link
Author

denyo commented May 9, 2013

Thank you for your quick reply.
Actually I've seen that post on stackoverflow before but couldn't get it to work. So now I simply post everything to the frontend domain and from there I send another request to the backend. I solved the session issue by sending the current user id with the initial request.

I also discovered a minor bug.
You bind the load event to the iframe before it is appended to the DOM. In webkit browsers this leads to triggering that event twice. One time when the iframe is added and another time when the actual content is loaded. By changing the order to

form.parent().append(iframe);  
iframe.bind('load', function () {...

it works as it should.

Cheers!

twilson63 pushed a commit that referenced this issue Jun 15, 2013
#34 changed to bind to iframe load after iframe is added to dom per @…
bda29ee 
…denyo
@twilson63
Copy link
Owner

Thanks for the bug report, should be fixed now in 0.3.7.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@twilson63 @denyo