"Accsss is denied" when using iframe.contentWindow.document

Discussion in 'HTML' started by Dominic, Sep 7, 2004.

  1. Dominic

    Dominic Guest

    Hi everybody,

    My goal is to set the height of the iframe to fit its content. There
    was an earlier posting which gave some useful insights.

    http://groups.google.com/groups?hl=...?hl=en&lr=&ie=UTF-8&q=Calculating+IFrame+size

    The key idea is

    function getInnerHeight(iframe){
    var d=iframe.contentWindow ?
    iframe.contentWindow.document :
    iframe.contentDocument;
    var h=0;
    if(d){
    if(d.documentElement && d.compatMode &&
    d.compatMode=="CSS1Compat")
    h=d.documentElement.scrollHeight;
    else if(d.body)
    h=d.body.scrollHeight;
    if(h) h+=getInsets(d);
    } return (h||300)+"px"; //300 is a default value
    }

    <iframe src="javascript:top.writeSomeText()"
    width="559"
    onload="this.style.height=getInnerHeight(this)"></iframe>

    It works perfectly if the src of iframe is some local content.
    Unfortunately, if I put src="http://www.yahoo.com", the line
    iframe.contentWindow.document returns "access is denied" error.

    Do you have any idea how to solve this problem?

    Thanks
    Dom
    Dominic, Sep 7, 2004
    #1
    1. Advertising

  2. Dominic

    Toby Inkster Guest

    Dominic wrote:

    > It works perfectly if the src of iframe is some local content.
    > Unfortunately, if I put src="http://www.yahoo.com", the line
    > iframe.contentWindow.document returns "access is denied" error.


    It looks like an XSS thing -- there probably isn't a way around it. If
    there is a way around it then the workaround will probably stop working
    when you upgrade your browser.

    --
    Toby A Inkster BSc (Hons) ARCS
    Contact Me ~ http://tobyinkster.co.uk/contact
    Now Playing ~ ./keane/hopes_and_fears/08_sunshine.ogg
    Toby Inkster, Sep 7, 2004
    #2
    1. Advertising

  3. On 7 Sep 2004 11:22:04 -0700, Dominic <> wrote:

    [snip]

    > It works perfectly if the src of iframe is some local content.
    > Unfortunately, if I put src="http://www.yahoo.com", the line
    > iframe.contentWindow.document returns "access is denied" error.
    >
    > Do you have any idea how to solve this problem?


    Generally, it can't be. See the FAQ, specifically section 4.19, for more
    information.

    <URL:http://jibbering.com/faq/>

    Mike

    --
    Michael Winter
    Replace ".invalid" with ".uk" to reply by e-mail.
    Michael Winter, Sep 7, 2004
    #3
  4. Dominic

    Mark Parnell Guest

    On 7 Sep 2004 11:22:04 -0700, Dominic <> declared in
    comp.lang.javascript,alt.html,microsoft.public.scripting.jscript:

    > It works perfectly if the src of iframe is some local content.
    > Unfortunately, if I put src="http://www.yahoo.com", the line
    > iframe.contentWindow.document returns "access is denied" error.
    >
    > Do you have any idea how to solve this problem?


    Stop trying to breach copyright.

    --
    Mark Parnell
    http://www.clarkecomputers.com.au
    "Never drink rum&coke whilst reading usenet" - rf 2004
    Mark Parnell, Sep 7, 2004
    #4
  5. Dominic

    Dominic Guest

    Mark Parnell <> wrote in message news:<1c10dx50kytsn$.1urofa4pnkgsq$>...
    > On 7 Sep 2004 11:22:04 -0700, Dominic <> declared in
    > comp.lang.javascript,alt.html,microsoft.public.scripting.jscript:
    >
    > > It works perfectly if the src of iframe is some local content.
    > > Unfortunately, if I put src="http://www.yahoo.com", the line
    > > iframe.contentWindow.document returns "access is denied" error.
    > >
    > > Do you have any idea how to solve this problem?

    >
    > Stop trying to breach copyright.


    I think there may be a misunderstanding. "http://www.yahoo.com" is
    only used to illustrate the situation of getting some remote content.
    The remote content may come from our server of another domain name, or
    from our partner. I realize that this is a problem as long as the data
    is not located at local server.

    Hope it is clear. I'm sorry if my earlier posting leads to the
    misunderstanding.

    Dom
    Dominic, Sep 8, 2004
    #5
  6. Dominic wrote:

    > It works perfectly if the src of iframe is some local content.
    > Unfortunately, if I put src="http://www.yahoo.com", the line
    > iframe.contentWindow.document returns "access is denied" error.


    <http://groups.google.de/groups?as_q=Same+Origin+Policy&as_ugroup=comp.lang.javascript&scoring=d&filter=0>

    Please stop crossposting.


    PointedEars, F'up2 cljs
    --
    The truth is out there... and so are the bugs...
    Thomas 'PointedEars' Lahn, Sep 11, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Richard P
    Replies:
    1
    Views:
    151
    Martin Honnen
    Aug 8, 2003
  2. Dominic
    Replies:
    5
    Views:
    494
    Thomas 'PointedEars' Lahn
    Sep 11, 2004
  3. Replies:
    1
    Views:
    211
  4. Alexander Higgins
    Replies:
    0
    Views:
    225
    Alexander Higgins
    Dec 16, 2006
  5. Dmitry Kulinich
    Replies:
    0
    Views:
    222
    Dmitry Kulinich
    Jun 15, 2007
Loading...

Share This Page