1

I've got a main html file which loads another html file in the same directory through an iframe. There is a button on the main page which targets the html file from the iframe. It's using this function:

    <script>
function myFunction() {
    var x = document.getElementsByTagName("iframe")[0].contentWindow;
    x.exportRoot.gotoAndPlay(2);
}
</script>

Live it works like intended: when I click the button it starts the Animate CC animation from within the iframe. When I view the file locally however I get this error message in the console window:

SecurityError (DOM Exception 18): Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.

I've read this has to do with same-origin policy. Which would make sense if the main page was at another domain as the iframe page. But both html file are locally in the same directory.

My browsers (tried both Safari and Chrome) nonetheless see that as two different domains? Is there something I can change to make it work locally too?

jiggy1965
  • 157
  • 1
  • 2
  • 14
  • 2
    By locally do you mean the protocol is `file:///`? If so that is why, locally loaded files are more strict in the same-origin policy – Patrick Evans Mar 03 '18 at 17:51
  • I suggest you post your ` – Renardo Mar 03 '18 at 17:54
  • It is indeed file:/// I'm using. So I can test the html file before I put it live. Is there some way to bypass that same-origin policy while testing locally then? – jiggy1965 Mar 03 '18 at 17:56
  • Can you use Firefox? It is less strict about this than Safari. See https://www.codeproject.com/Questions/1195078/How-to-fix-cross-origin-requests-are-only-supporte . Or use a local web server. – Renardo Mar 03 '18 at 18:04
  • @jiggy1965 The domain till the / has to be exactly the same. – Joost Meijer Mar 03 '18 at 18:21

1 Answers1

0

to do dev locally you should use a simple web server. it will take you less than 2 minutes to set up. there are a bunch here

What is a faster alternative to Python's http.server (or SimpleHTTPServer)?

do NOT disable web security in your broswer. One forgetful click and your machine may be owned. Even if you think the risk is low why take any risk when the proper way of using a simple web server is so easy?

gman
  • 100,619
  • 31
  • 269
  • 393