CORS error when trying to reload an embedded iframe

Question

I am trying to force-reload the contents of an iframe (force-reload meaning the browser cache should not be used). From the soltuion Reload an iframe with jQuery here, I can do this via this javascript code:

document.getElementById(FrameID).contentDocument.location.reload(true);

But I am hitting the same-origin policy error. But I did enable CORS on both, the page that has the iframe embedded and the page that is loaded within the iframe. From the web development tools I have verified that on both loads, the CORS header is present:

Access-Control-Allow-Origin: *

Although both sides are under different domains, I control both of them and can send the CORS header or any other header, if required.

Whats the correct way of doing this?

Answer 1

CORS is not needed for the described case. The same origin policy doesn't allow accessing DOM properties and methods across different domains. You can use postMessage JavaScript API for enabling communication between IFRAME and parent page.

Answer 2

This script was working with images/jpg (same URL) fine:

document.getElementById('iframe_id').contentWindow.location.reload();

With Firefox 107.0 (64-Bit) and iframe the following console message was displayed when tried to reload application/pdf with embedded firefox pdf viewer:

DOMException: Permission denied to access property "reload" on cross-origin object

with Trick evko/joe both work pdf and jpg (etc.)

try {
 document.getElementById('iframe_id').contentWindow.location.reload();
}catch(e){
 document.getElementById('iframe_id').src = document.getElementById('iframe_id').src;
 console.warn(e);
}

<iframe id="iframe_id" src="dynamic_image_or_pdf.php"></iframe>

it worked