2

Is there any way, having access to both client and server side, to allow JavaScript access contents of a cross-domain iframe?

Maybe something similar to cross-domain AJAX, with Access-Control-Allow-Origin.

Again: I can edit whatever is necessary on the server-side.

XCS
  • 27,244
  • 26
  • 101
  • 151
  • possible duplicate of [Cross Domain Javascript calls using iFrame](http://stackoverflow.com/questions/7246278/cross-domain-javascript-calls-using-iframe) – mario Jun 19 '13 at 11:58
  • 2
    And http://www.slideshare.net/SlexAxton/breaking-the-cross-domain-barrier – mario Jun 19 '13 at 11:59

2 Answers2

0

As this isn't possible, I solved the problem in my case by using the newly introduced postMessage function. (one comment suggested that, but forgot to read the presentation...)

From mozilla: "window.postMessage is a method for safely enabling cross-origin communication."

XCS
  • 27,244
  • 26
  • 101
  • 151
-2

You could, but it sounds wrong. My instincts say - "Why not make it under the same domain?". :)

Nikolay Tsenkov
  • 1,128
  • 10
  • 26
  • Because I want to use the same "script" on multiple sites, without having to install the script on each and every website. So I just have one "admin panel" for multiple websites, and the admin panel should be able to access every site's content. – XCS Jun 19 '13 at 16:37
  • I don't know the full context, but administration should be accessing server configurations, not their client "renderings". If you are permanently changing properties of these applications (persisted on reload), you should be accessing an API, part of the servers of these apps. – Nikolay Tsenkov Jun 19 '13 at 18:46