1

I have an iframe on domain A which is embedding a page from domain B. I have access to both domains. Now i want to be able to change the contents of the iframe with a script from domain A. I keep getting the SecurityError: Permission denied to access property "document" on cross-origin object Error when i try to access the document property of iframe.contentWindow.

I tried setting the Content-Security-Policy on domain B. I tried setting the Access-Control-Allow-Origin on domain B. I tried setting the X-Frame-Options on domain B. I tried setting document.domain on domain B. I even tried adding the sandbox property to the iframe on domain A.

What do i need to change in order to access the contents on the iframe? Or is this not possible at all?

I've been searching for a solution for a couple days now and cant find anything that works.

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
Milan
  • 97
  • 1
  • 12
  • 2
    postMessage() from within the iframe, receiveMessage() from the containing page - that has worked for me. –  Apr 27 '20 at 12:16
  • @Yishmeray i guess thats what i'll be doing. Sad that there is no real other way of doing this. – Milan Apr 27 '20 at 13:47

0 Answers0