1

I'm having a page (=parent) that contains an iview (=child) with different domains and I want to communicate between the both of them using JavaScript. I can already do this by manually setting the document.domain of the child (a.foo.bar) and the document.domain of its parent (b.foo.bar), so that they have the same domain afterwards (foo.bar) = domain-relaxation. This works great. Actually I can't "do" this, but it is already done by the default implementation of the child. Afterwards I can manipulate the childs content via JavaScript that is placed in the parents body, for example. I only have one problem: The parent doesn't know, if the child's document.domain has already been set to match the parents document.domain. I am not able to change the JavaScript of the child to send an event as soon as its domain has been "relaxed" (=changed from a.foo.bar to foo.bar).

My question is: Is there a way for the parent to check, if the domain of the child equals its own domain using JavaScript/jQuery? If that's not possible: Is there a way to try, whether the parent has permission to access the childs document, without provoking a "permission denied" error, if the domains don't match?

Thanks for your help in advance.

Regards, René

René Schubert
  • 1,302
  • 2
  • 13
  • 31
  • First you say that you are "manually setting the document.domain of the child" and then you say that you are "not able to change the JavaScript of the child". So, which is it? Can you change the code of the iframe or not? Anyway, I think you should use postMessage for communication (signaling). As for your question -- no, it is not possible to read the document location of a cross-origin iframe/window since this violates the same-origin policy. – Ivan Zuzak Dec 06 '12 at 18:29
  • I'm sorry that I didn't make myself clear. I can not change the child's implementation. But it has the domain-relaxation implemented by default. Is there something I can do to find out, whether I am allowed to access the childs document without causing an error, like `try { iframe.document; permissionGranted = true; } catch { permissionGranted = false; }` or even better `if(permissionGranted(iframe.document)) { ... }` (=without try/catch)? – René Schubert Dec 10 '12 at 10:13
  • It's a complicated issue :). Check out this question and answers: http://stackoverflow.com/questions/2365822/detect-when-iframe-is-cross-domain-then-bust-out-of-it – Ivan Zuzak Dec 10 '12 at 17:44

0 Answers0