0

I have a HTML website that inside the iframe I have a <script> tag.

I can get the iframe by running:

iframe = document.getElementsByTagName("iframe")

When I print iframe[0] I received:

<iframe id="576259869" src="https://..." frameborder="0" allow="autoplay; fullscreen" allowfullscreen="" class="sc-kVrTmx jfegoL" data-ready="true"></iframe>
#document
 <html lang="en">
  <head>...</head>
  <body>
   <div id="..">...</div>
   <script>...</script>
  </body>
 </html>
</iframe>

I tried to catch it like that:

iframe[0].getElementsByTagName("script")

But it gives me an empty arrary HTMLCollection [] although I can see the tag inside the iframe.

E235
  • 11,560
  • 24
  • 91
  • 141
  • "the tag inside the iframe" – It isn't inside the iframe, it is inside the **document** which is inside the iframe. – Quentin Aug 08 '21 at 16:52
  • @Quentin so I can I get it ? – E235 Aug 08 '21 at 16:54
  • See the duplicates – Quentin Aug 08 '21 at 16:54
  • @Quentin okay, the second answer might help. When I run `iframe[0].contentWindow.document` it gives me the origin policy error – E235 Aug 08 '21 at 17:02
  • The second duplicate covers the cross-origin issue. – Quentin Aug 08 '21 at 17:04
  • yes, it helps to under. Still weird because I can grab it with the browser GUI, but okay.. – E235 Aug 08 '21 at 17:05
  • It isn't wird. You, the person who can access the browser GUI, already have permission to access the site displayed in the iframe. Mallory (the hypothetical evil hacker who wrote the webpage you are looking at) **doesn't** have permission to access your online banking service (the hypothetical site displayed in the iframe). – Quentin Aug 08 '21 at 17:07
  • Yes you are right – E235 Aug 08 '21 at 17:11

0 Answers0