如何愚弄它是最顶层窗口的iframe [英] How to fool Iframe that it is top most window

问题描述

我想知道，是否有一种方法可以覆盖iframe的window.top和window.parent，以便从它的上下文中获得以下结果：

 窗口=== window.parent&& window === window.top 
  

这种情况是我想要嵌入iframe的应用程序有很多对window.top的引用，它存储对象并使用它们与自己的子iframe来回传递。

 << ; iframe sandbox =>< / iframe> 
  

没有allow-scripts对我来说不是一种选择，因为对window.top的任何访问都会抛出错误，虽然我希望事情能够很好地工作，就好像iframe是顶级窗口一样。注意：
我看到一个类似的问题，询问如何欺骗/愚弄iframe认为它是DOM中的TOP元素，但在那里同样的要求，实际的问题 - 改变top.location可能会变通解决，这就是为什么我猜测讨论已经停止。

解决方案

简单的回答是，您无法更改只读属性。

更复杂的答案是您可以通过代理服务器解析其他站点并动态重写JS。然而，我强烈地期望这样做比努力付出更多的努力，并且可能会在某些时候违反版权法。

你应该问的问题是第三方想要在你的iFrame？如果是，让他们修复他们的代码，如果没有，那么你不应该这样做。

I wonder, is there a way to override the iframe's window.top and window.parent such that from it's context the following is true

window === window.parent && window === window.top

The case is that the app that I want to embed in an iframe has many references to window.top, it stores objects and uses them to communicate back and forth with its own child iframes.

<iframe sandbox=""></iframe>

Without "allow-scripts" is not an option for me as any access to window.top throws and Error, while I want things to work pretty much as if the iframe was a top level window

Note: I saw a similar question asked How to Trick/Fool an Iframe to thinking its the TOP element in DOM but there while the same requirement, the actual problem - changing the top.location could be worked-around, this is why I guess the discussion was discontinued.

解决方案

The simple answer is no you can not change a read-only property.

The more complex answer is that you could parse the other site through a proxy server and dynamically rewrite the JS. However I strongly expect that is more effort than it is worth and will likely break copyright laws at some point.

The question you should be asking is does the third-party want to be in your iFrame? If yes get them to fix their code, if no then you shouldn't be doing this.

这篇关于如何愚弄它是最顶层窗口的iframe的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！