0

Is there a way in javascript to determine when a XSS issue like the one described in this linked question occurs?

Essentially I want to determine (in the parent) if the javascript in the child iFrame (in a different domain) is attempting to access the parent.

<body>
 <iframe id="child" src="http://someother-domain.com"/>
</body>
Community
  • 1
  • 1
Phil Laliberte
  • 642
  • 1
  • 6
  • 12

1 Answers1

0

No, this is not possible without somehow bypassing cross-domain restrictions. By design, there's no way to send signals from pages on one origin to pages on another unless the recipient explicitly allows the origin of the sender by setting document.domain.

goodside
  • 4,429
  • 2
  • 22
  • 32