使用跨域更改src Iframe [英] Change src Iframe with cross-domain

问题描述

我正在尝试使用GWT执行一个应用程序，该应用程序将在一个iframe中运行。直到这里一切都好，事情是，我有我的实际网络中的一个窗体，将请求发送到iframe。使用java脚本当我按下发送表单按钮时，我更改了我的iframe的src并稍后刷新它：

 文档。 getElementById（'iframeSpecialOffers'）。src = container.url; 
 
 document.getElementById（'iframeSpecialOffers'）。contentWindow.location.reload（）; 
  

网址在www .example.com:81中运行，我的iframe的新src在www中运行.example.com：8082，我得到这个错误

 不安全的JavaScript尝试访问带有URL的帧http：//示例：8082 /Home.html#!TilePage;searchQuery=*;searchMode=1;amount=1; 
 position = '47 .3686498,8.539182500000038'; leftBottomPosition = '47 .32023,8.448059899999976'; 
 rightTopPosition = '47 .43468,8.625370100000055'; availabilityEndDate = datetime'2012-08-012T18：00：00'; $ culture = en 
与URL http：//示例：81 /。域，协议和端口必须匹配。 
  

非常感谢！

解决为保护人们免受XSS攻击（跨站点脚本），浏览器不允许您访问不在同一域中的iFrame或窗口内的任何内容。

然而，您可以设置某种标题，告诉浏览器允许跨域的东西。

http://en.wikipedia.org/wiki/Cross-origin_resource_sharing

我不确定这是你应该走的路线，但是避免这种事情会更好。

如果你的目标严格刷新页面，你可以通过再次设置src来实现，我相信它会通过执行如下操作来刷新：

document.getElementById 'iframeSpecialOffers'）。src = document.getElementById（'iframeSpecialOffers'）。src;

但是，如果这不起作用，您可以追加一个无用的queryString参数以使其不同。

I'm trying to do one app with GWT that will run inside one iframe. Until here everything is ok, the thing is that i have one form in my actual web that will send the request to the iframe. With java script when I push the button "Send Form" I change the src of my iframe and refresh later it:

document.getElementById('iframeSpecialOffers').src = container.url;

document.getElementById('iframeSpecialOffers').contentWindow.location.reload();

The web is running in www.example.com:81 and the new src for my iframe in www.example.com:8082 and i get this error

      Unsafe JavaScript attempt to access frame with URL http://example:8082/Home.html#!TilePage;searchQuery=*;searchMode=1;amount=1;
position='47.3686498,8.539182500000038';leftBottomPosition='47.32023,8.448059899999976';
    rightTopPosition='47.43468,8.625370100000055';availabilityEndDate=datetime'2012-08-012T18:00:00';$culture=en
     from frame with URL http://example:81/. Domains, protocols and ports must match.

Thanks a lot !

解决方案

To protect people from XSS attacks (Cross site scripting), browsers do not allow you to access anything inside an iFrame or window that isn't from the same domain.

However there is some sort of header you can set that tells the browser that cross domain stuff is allowed.

http://en.wikipedia.org/wiki/Cross-origin_resource_sharing

I am not sure that is the route you should go though, it would be much better to avoid that kind of thing.

If your goal is strictly to refresh the page you can do so by just setting the src again, I believe it will refresh by just doing something like:

document.getElementById('iframeSpecialOffers').src = document.getElementById('iframeSpecialOffers').src;

But if that doesn't work you could append a useless queryString parameter to make it different.

这篇关于使用跨域更改src Iframe的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！