Same domain but still gets "Property Document Access Permission" '

Question

Same domain but still gets "Property Document Access Permission" '

I have an application where I need to send a message to an iframe and get the content. I have a handler load

that receives innerHTML

from a frame, but the following throws an error:

var frameDoc = frame.contentDocument || frame.contentWindow.document;

I understand that this can happen to prevent XSS attacks, but my impression is that this should only happen when the domains are different. I have checked and double checked; the domain for the iframe matches the domain of the page, but I still can't get the content of the frame.

Under what circumstances does accessing an iframe with the same domain still cause this error?

+3

javascript iframe

acbabis 12 jan. 15 at 21:20

source to share

1 answer

Brett zamir · Answer 1 · 2015-11-10T10:36:21+0000

Try to debug in Chrome. In my case, the error message was explicit enough to tell me to set it document.domain

explicitly in the parent frame, and this turned out to be necessary even though the original document.domain should have been correct already!

Ie, I had to add this to the parent document:

document.domain = document.domain;

Same domain but still gets "Property Document Access Permission" '

More articles: