"Accsss is denied" when using iframe.contentWindow.document

[Dominic]

Hi everybody,

My goal is to set the height of the iframe to fit its content. There
was an earlier posting which gave some useful insights.

http://groups.google.com/groups?hl=...?hl=en&lr=&ie=UTF-8&q=Calculating+IFrame+size

The key idea is

function getInnerHeight(iframe){
var d=iframe.contentWindow ?
iframe.contentWindow.document :
iframe.contentDocument;
var h=0;
if(d){
if(d.documentElement && d.compatMode &&
d.compatMode=="CSS1Compat")
h=d.documentElement.scrollHeight;
else if(d.body)
h=d.body.scrollHeight;
if(h) h+=getInsets(d);
} return (h||300)+"px"; //300 is a default value
}

<iframe src="javascript:top.writeSomeText()"
width="559"
onload="this.style.height=getInnerHeight(this)"></iframe>

It works perfectly if the src of iframe is some local content.
Unfortunately, if I put src="http://www.yahoo.com", the line
iframe.contentWindow.document returns "access is denied" error.

Do you have any idea how to solve this problem?

Thanks
Dom

 

[Toby Inkster]

It works perfectly if the src of iframe is some local content.
Unfortunately, if I put src="http://www.yahoo.com", the line
iframe.contentWindow.document returns "access is denied" error.

It looks like an XSS thing -- there probably isn't a way around it. If
there is a way around it then the workaround will probably stop working
when you upgrade your browser.

 

[Michael Winter]

[snip]

It works perfectly if the src of iframe is some local content.
Unfortunately, if I put src="http://www.yahoo.com", the line
iframe.contentWindow.document returns "access is denied" error.

Do you have any idea how to solve this problem?

Generally, it can't be. See the FAQ, specifically section 4.19, for more
information.

<URL:http://jibbering.com/faq/>

Mike

 

[Mark Parnell]

It works perfectly if the src of iframe is some local content.
Unfortunately, if I put src="http://www.yahoo.com", the line
iframe.contentWindow.document returns "access is denied" error.

Do you have any idea how to solve this problem?

Stop trying to breach copyright.

 

[Dominic]

Stop trying to breach copyright.

I think there may be a misunderstanding. "http://www.yahoo.com" is
only used to illustrate the situation of getting some remote content.
The remote content may come from our server of another domain name, or
from our partner. I realize that this is a problem as long as the data
is not located at local server.

Hope it is clear. I'm sorry if my earlier posting leads to the
misunderstanding.

Dom

 

[Thomas 'PointedEars' Lahn]

It works perfectly if the src of iframe is some local content.
Unfortunately, if I put src="http://www.yahoo.com", the line
iframe.contentWindow.document returns "access is denied" error.

<http://groups.google.de/groups?as_q...group=comp.lang.javascript&scoring=d&filter=0>

Please stop crossposting.


PointedEars, F'up2 cljs