33

I got a page that is displayed within an iframe.

I need to get the parent.location.url with js from that page (child page).

Both sites are in different domains.

I'm trying:

alert(parent.location.url)

But I get this error:

Permission denied for http://parentdomain to get property Location.URL from http://childdomain.

???? Is it possible?

Carlos Castillo
  • 533
  • 2
  • 6
  • 12

8 Answers8

80

try this:

var referrer = document.referrer;
alert(referrer);
GianFS
  • 2,545
  • 2
  • 22
  • 21
  • 2
    Thanks, out of all the proposed solutions, this is the only one that gave me info when the iframe is on a different domain than the calling page. – Sébastien Jan 04 '13 at 15:54
  • 1
    love this solution for the domain reason, but it doesn't get the full URL. It's missing the hash variable that window.location will return. – toobulkeh Oct 09 '14 at 03:56
  • This doesn't seem to work on IE11, do you have a solution for IE? – Matt Goo Sep 28 '16 at 22:33
  • can you do referrer when HTTPS? is there some go around? – Valentin Petkov Aug 28 '17 at 14:29
  • Was looking for a way to access the browser's URL inside of a CodePen (Pens are in iFrames). This allowed me to not set autoFocus when on the CodePen dashboard page. This worked perfectly. `if (document.referrer !== 'https://codepen.io/KeithDC/' && document.referrer !== 'https://codepen.io/KeithDC') { this.textInput.focus(); }` – Keith DC Dec 07 '17 at 10:11
8

What you're trying to do isn't possible per se. Unless you have control over the parent page's calling of the child page. If you do, then you can call the child page with a get statement in the URL of the parent page. So if you parent page is http://parentpage.com then here's how you should call the iFrame.

<iframe src='http://childpage.com/?parent=http://parentpage.com' />

Then all you have to do in the child page to get the reference is get the string with

window.location.search //not sure of browser compatibility with this

and extract the parent page's URL by grabbing it out of that string. I'd give more details, but I'm not even sure about the first question I had.

Fgblanch
  • 5,195
  • 8
  • 37
  • 51
Madison Williams
  • 350
  • 1
  • 4
  • 11
  • I tried every other method listed here. Now in 2015, due to fairly strict browser permission issues blocking the JavaScript for this case. Passing the data to the iFrame in the url is the only way. – FactoryAidan Apr 02 '15 at 21:56
  • 2
    Not a good practice since any domain can add a search parameter like the above and then the child page in the iframe can be led to believe it's from a whitelisted parent page. In short, if you do the above, not only parentpage.com, but evilpage.com will also be able to make an iframe like this and the childpage parses parent page as parentpage.com. That'll be a big security flaw. The child will not be able to use window,parent.location.origin (cross domain parent) since it'll throw an exception. It's implemented that way for security purposes. The best option is to use document.referrer. – Samu Oct 26 '18 at 05:34
5

Have you tried something like:

alert(window.top.location.href);
PriorityMark
  • 3,247
  • 16
  • 22
  • I have no control on the parent page :S – Carlos Castillo Dec 12 '10 at 15:45
  • 8
    If you're just trying to see the referrer, (which would be the one who loaded that frame) have you tried something like: if (document.referrer != '') document.write('Thanks for visiting from ' + document.referrer); – PriorityMark Dec 14 '10 at 16:28
3

You'll be able to find it like this, and all browsers should be able to support it:

query = window.parent.location.search.substring(1);

You shouldn't get permission errors with this, but I may be wrong.

Rob
  • 39
  • 1
2

Use postMessage to pass data back and forth between the windows. It's a little klunky, but required when having windows communicate across origins.

bigmac
  • 717
  • 8
  • 24
  • +1 since this is the only solution that works while using a SharePoint Hosted Add In Part. document.referrer does not work, and setting the iframe src attribute from the host web is not accessible from within the add in part. I tried them all and this one worked perfectly. Thank you! – zpert Jun 07 '17 at 13:59
2

It will only work if the parent page and the iframe are on the same domain. If they are not on the same domain you can try passing the location through the src, like Madison Williams suggested.

That is probably why you are getting "Permission denied..."

JCOC611
  • 19,111
  • 14
  • 69
  • 90
1

Try:

var pathname = window.parent.location.href
Supratim
  • 27
  • 1
0

alert(window.top.location.href);

This works fine. To get the source URL from child (iframe) to parent.

Zara Raja
  • 1