0

I'm rendering an iframe from a different domain. The iframe contains scripts only (e.g. ).

Is there a way to extract the contents of the said iframe or at least the last script tag inside that iframe?

I have tried console.log($("iframe").contents().find('script')); but this return a length of 0 and so there were no script extracted.

UPDATE:

<script type="text/javascript" src="/jwplayer/jwplayer.js"></script> 
<script type="text/javascript">jwplayer.key="KEYHERE";</script>
<div id='videoPlayer'></div>
<script type='text/javascript'>
  jwplayer('videoPlayer').setup({
   file: 'VIDEO LOCATION HERE',
   autostart: "true",
    width: "100%",
    height: "100%",
    image: "IMAGE LOCATION HERE"

  });
</script>

This is what the iframe HTML looks like. My actual goal here is to extract the last script on the iframe so I can replace the file being rendered on certain conditions.

ajib
  • 309
  • 2
  • 17
  • Does `$('iframe script').text()`. work? – Saravana Sep 10 '13 at 04:38
  • it doesn't return anything. – ajib Sep 10 '13 at 04:42
  • Post a snippet of the contents of your iframe. – Saravana Sep 10 '13 at 04:45
  • Thanks @Saravana I already updated the question above. – ajib Sep 10 '13 at 04:50
  • Is the document inside the iframe from another domain? If so, look here: http://stackoverflow.com/questions/3083112/jquery-cross-domain-iframe-scripting – Saravana Sep 10 '13 at 04:55
  • yes it is, but cross-domain is not an issue since I was granted access for that iframe src. – ajib Sep 10 '13 at 04:57
  • What do you mean `I was granted access for that iframe src`? Also you will not be able to read or change the actual contents of the ` – Strelok Sep 10 '13 at 05:16
  • I mean similar to this one: (copied from the link you sent) `Unless, the foreign domain you try to access supports a procedure like C.O.R.S, `. Also, I have no plan on changing the actual content, I just want to copy it. – ajib Sep 10 '13 at 05:20

1 Answers1

2

Cross-domain is totally an issue, you are NOT in anyway granted access to that iframe src as you say. You have made a public request to a domain from your iframe, you will have multiple security hurdles depending on the browser.

If you set the document.domain = 'mydomain.com'; in your parent page and the page requested on the other domain from your iframe you might get it figured out but you will have to have the same top level domain (different sub domains will work) and this still will not work as expected in Internet Explorer from my experience. The security issue that browsers are trying to protect from is a cross-site scripting attack and each browser goes about it differently.

Brian Ogden
  • 18,439
  • 10
  • 97
  • 176
  • reading further.. I got the idea that cross-domain is really an issue. Anyway, are there anyways I can accomplish this? thanks for your answer – ajib Sep 10 '13 at 06:45
  • Unfortunately you want to try avoid this kind of solution at all costs. That has been my experience, this first step to the problem, do you own or have access to both domains? – Brian Ogden Sep 10 '13 at 18:48
  • I do not own the other domain since it was owned by another affiliate company of ours so I can talk to them if I want to access it. – ajib Sep 11 '13 at 03:19
  • Well even with access you are still going to have hurdles with different browsers, I would try to nothing more than load the iframe,copy the script you need to extract or reload the iframe to make changes to the content or scripts – Brian Ogden Sep 11 '13 at 17:46