如何愚弄它是最顶层窗口的iframe [英] How to fool Iframe that it is top most window
问题描述
我想知道,是否有一种方法可以覆盖iframe的window.top和window.parent,以便从它的上下文中获得以下结果:
窗口=== window.parent&& window === window.top
这种情况是我想要嵌入iframe的应用程序有很多对window.top的引用,它存储对象并使用它们与自己的子iframe来回传递。
<< ; iframe sandbox =>< / iframe>
没有allow-scripts对我来说不是一种选择,因为对window.top的任何访问都会抛出错误,虽然我希望事情能够很好地工作,就好像iframe是顶级窗口一样。注意:
我看到一个类似的问题,询问如何欺骗/愚弄iframe认为它是DOM中的TOP元素,但在那里同样的要求,实际的问题 - 改变top.location可能会变通解决,这就是为什么我猜测讨论已经停止。
简单的回答是,您无法更改只读属性。
更复杂的答案是您可以通过代理服务器解析其他站点并动态重写JS。然而,我强烈地期望这样做比努力付出更多的努力,并且可能会在某些时候违反版权法。
你应该问的问题是第三方想要在你的iFrame?如果是,让他们修复他们的代码,如果没有,那么你不应该这样做。
I wonder, is there a way to override the iframe's window.top and window.parent such that from it's context the following is true
window === window.parent && window === window.top
The case is that the app that I want to embed in an iframe has many references to window.top, it stores objects and uses them to communicate back and forth with its own child iframes.
<iframe sandbox=""></iframe>
Without "allow-scripts" is not an option for me as any access to window.top throws and Error, while I want things to work pretty much as if the iframe was a top level window
Note: I saw a similar question asked How to Trick/Fool an Iframe to thinking its the TOP element in DOM but there while the same requirement, the actual problem - changing the top.location could be worked-around, this is why I guess the discussion was discontinued.
The simple answer is no you can not change a read-only property.
The more complex answer is that you could parse the other site through a proxy server and dynamically rewrite the JS. However I strongly expect that is more effort than it is worth and will likely break copyright laws at some point.
The question you should be asking is does the third-party want to be in your iFrame? If yes get them to fix their code, if no then you shouldn't be doing this.
这篇关于如何愚弄它是最顶层窗口的iframe的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!