How to allow cross origin on iframe through sandbox parameter

Asked Sep 24 '21 at 21:37

Active Sep 24 '21 at 23:30

Viewed 2,501 times

App is render as 'iframe' micro app and there is another 'iframe' within microapp 'iframe'.

Micro app iframe renders as below:

sandbox="allow-scripts allow-popups allow-modals allow-forms allowdownloads allow-same-origin"

when inner iframe try to access outer iframe then it creates below error:

Blocked a frame with other "https://microapp-ifram.com" from accessing a cross origin frame.`

Is there any way on "sandbox" parameter which can allow cross origin ?

By removing "sandbox" it worked but having "sandbox" causes CORS issue. I can not remove "sandbox" as its not in control. but, I can add any additional attribute to fix CORS.

Something like this if any valid sandbox parameter: sandbox="allow-scripts allow-popups allow-modals allow-forms allowdownloads allow-same-origin <ALLOW CROSS ORIGIN> "

edited Sep 24 '21 at 23:30

sideshowbarker

81,827
26
193
197

asked Sep 24 '21 at 21:37

dsi

3,199
12
59
102

See the answer at https://stackoverflow.com/a/25098153/441757. You need to use postMessage. There is no alternative. – sideshowbarker Sep 24 '21 at 23:33
@sideshowbarker actually, I am using blob URL child iframe to parent iframe like `printJS(URL.createObjectURL(file))` // here, printJS executed on child iframe and containing parent iframe blob URL. And causing an issue, Is there a way to `postMessage` for `printJS(URL)` ? – dsi Sep 25 '21 at 01:05

How to allow cross origin on iframe through sandbox parameter

0 Answers0