3

I have a 4 iframes on a page, and when each is loaded I have their src set to "" (empty). Clicking on different links in the page set's the src's to different URL's using jQuery. This works fine in FF, Chrome, Safari, etc., but IE gives me:

"Permission Denied - jquery.js?1350498802, line 103 character 430"

From what I've found this is because if a security feature IE to prevent XSS attacks. The problem is that the pages I'm loading in the iframes are in a different domain than the page they're being loaded into. I don't have access to the code in the domain that the iframes are getting their src's from, so is there anyway that I can load those pages without getting this error?

I can post code if need be but there's nothing complicated about it, it's an empty iframe until a link is clicked, at which point the iframe's src is changed using $("#iframe").attr("src", link);.

Thanks in advance!

starscream_disco_party
  • 2,816
  • 5
  • 26
  • 42

4 Answers4

3

Instead of using jQuery to perform this simple task, use HTML.

<a target="myIframe" href="http://www.google.com">Google</a>
<iframe id="myIframe" src="about:blank"></iframe>
Kevin B
  • 94,570
  • 16
  • 163
  • 180
  • I would but what the iframes need to load is dynamic, they cycle through an array of values and each one has it's own URL. If it were only one link that I needed, this would be perfect :) – starscream_disco_party Oct 17 '12 at 20:42
  • To dynamically change the content, I used `document.getElementById('myIframe').contentDocument.write('hi')`, but it only seemed to work when I set the iframe src to `about:blank` – Pluto Jul 22 '17 at 09:56
1

Your issue might be related to this. Double check the way you are setting the iframe url

change iframe source in ie using javascript

Hope this helps.

Community
  • 1
  • 1
HRN
  • 61
  • 5
  • All you've done here is post a link to someone else's answer. It doesn't really seem fair to use it as your own. – Lix Oct 17 '12 at 20:00
  • @Lix with 21 rep, I doubt he has access to post comments yet. – Kevin B Oct 17 '12 at 20:01
  • @kev - no doubt! The requirement is 50 rep, but answers are meant to answer the question. Not to post links to possible duplicates. It's only HRN's first answer post. I'm sure they'll be able to comment very soon. Till then please only use the "Post an answer" button to post you own answer or at the very least your own version tailored to this specific issue. – Lix Oct 17 '12 at 20:06
  • Sorry about this. I am trying to learn this site. I am not claiming this answer to be mine. I had read about this a while ago and remembered , so just thought of sharing the same link. I will research more to see how can I redirect people to a similar topic. – HRN Oct 17 '12 at 20:56
1

Typically to get around this cross-domain issue, you can create what's called a proxy page. Basically what you do is set the src of the iframe to a page from your own domain (let's call it proxyFrame.php for example).

In the code for proxyFrame.php you would fetch the contents from the actual page you want to load in the iframe. In php you can use file_get_contents().

You didn't specify what kind of back-end code you are using, but I'm pretty sure any language would have a similar way to fetch the contents from a URL.

Brian Glaz
  • 15,468
  • 4
  • 37
  • 55
  • well.. that assumes you just want to GET contents from the page for display. what if the page is interactive, with POSTs, ajax requests, and etc.. – joedotnot Apr 12 '19 at 09:00
1

I ended up changing the src to the domain we needed and removing all of the statements setting src to "" and that fixed the problem. Thanks for all the help everyone!

starscream_disco_party
  • 2,816
  • 5
  • 26
  • 42