通过使用postMessage()访问跨原点框架绕过原点阻止的帧 [英] Bypassing a blocked frame with origin from accessing a cross-origin frame with postMessage()

问题描述

我听说您可以使用postMessage()绕过阻止原点的框架访问跨域框架"，并且我一直在尝试使用它，但是它不能正常工作.我在做什么错了?

I've heard that you can bypass a "blocked a frame with origin from accessing a cross-origin frame" with postMessage() and I've been trying to use it, but it's not working properly. What am I doing wrong?

<iframe src="www.example.com" id = "theID"></iframe>

document.getElementById('theID').contentWindow.postMessage({
document.querySelector("input[value='true']").click();
});

推荐答案

您可以将服务器用作代理.假设您打算在iframe中加载页面XYZ，则可以创建一个XYZ.php页面，该页面向XYZ发送请求并在页面中显示响应.您将需要解决相对URL可能引起的问题.另外，请确保您所做的一切都是善意和合法的.

You can use your server as a proxy. Assuming that you intend to load page XYZ inside the iframe, you can create an XYZ.php page which sends a request to XYZ and displays the response in the page. You will need to resolve the problems which might arise from relative URLs. Also, make sure that whatever you do is goodwilling and legal.

流程将如下所示:

• 对parent.php的请求已发送到服务器
• 服务器使用parent.php响应浏览器
• 在parent.php结构中，您有一个指向child.php的iframe，这也是您的页面
• child.php依次将请求发送到实际源，并将收到的响应发送回浏览器
• iframe的onload事件将触发您要执行的parent.php的逻辑

这篇关于通过使用postMessage()访问跨原点框架绕过原点阻止的帧的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！