可以获取iframe的网址跨网域吗? [英] Possible to get an iframe's url cross-domain?

问题描述

如果它是跨域iframe，如何获取页面加载中iframe的当前网址?

How can I get the current url of an iframe on pageload if it is a cross-domain iframe?

背景-我正在尝试在我的网站上启用SSL.但是，我的用户需要能够通过iframe加载任何网址.如果他们尝试使用http协议加载iframe，则它将拒绝加载，因为其父页面是https.

Background - I'm trying to enable SSL on my website. However, my users need to be able load any url through an iframe. If they try to load an iframe with http protocol, it will refuse to load because the parent page is https.

我想自动检测iframe是否为http-，如果是，则将父页面重定向到http.但是，使用我尝试过的任何方法，访问时都会出现CORS错误.

I'd like to automatically detect if the iframe is http - and if it is, then redirect the parent page to http. However, with any method I've tried, I get CORS errors when accessing.

这是我的iframe:

Here's my iframe:

<iframe id="myframe" src='https://apple.com' onload="this.contentWindow.parent.postMessage(this.contentWindow.document.location.protocol, parent.document.location);" width="800" height="600">
</iframe>

这是我的事件监听器:

window.addEventListener("message", receiveMessage, false);
function receiveMessage(event) {
  console.log(event.data)
}

我可以接收纯字符串作为消息，但是我不能接收协议.使用window.postMessage()的结果是一个CORS错误，我认为应该允许跨域通信.

I am able to receive plain strings as messages, but I'm not able to receive the protocol. My result using window.postMessage() is a CORS error, which I thought was supposed to allow cross-domain communication.

推荐答案

出于安全原因，您无法访问iframe的其他域/主机/端口内容或src网址

Is not possible, for security reasons you can't access other domain/host/port content or src url of an iframe

这篇关于可以获取iframe的网址跨网域吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！