从iframe访问父窗口(跨域)

时间:2022-08-23 10:20:29

I've encountered the task to access parent window from iFrame, if the window in iFrame was loaded from another domain. If I understand correctly, all modern browsers do now allow to do this. So I'm here to find the best solution.

我遇到了从iFrame访问父窗口的任务,如果iFrame中的窗口是从另一个域加载的。如果我理解正确,现在所有现代浏览器都允许这样做。所以我在这里找到最好的解决方案。

I'm going to accomplish this next way:

我将以下一个方式完成此任务:

I have an overlay with an iFrame within it. This will work instead of pop-ups to prevent pop-up blockers to block my content. The task is to reload the main page when the document in the iFrame finishes some work. In a document, which will be loaded to an iFrame, I will add

我有一个叠加内部的iFrame。这将有效,而不是弹出窗口,以防止弹出窗口阻止程序阻止我的内容。任务是在iFrame中的文档完成某些工作时重新加载主页面。在一个将加载到iFrame的文档中,我将添加

<div id="is_closed" class="false"></div>

In a parent window I'll add function, which will be called every second and check if this div still has class name "false". When this will be changed to "true", I'll call some callbacks.

在父窗口中,我将添加函数,该函数将每秒调用一次并检查此div是否仍具有类名“false”。当这将改为“true”时,我会调用一些回调。

If you have any better solution, please share it with me. Will appreciate any help.

如果您有更好的解决方案,请与我分享。将不胜感激任何帮助。

Edit: This is impossible because it's not only impossible to manipulate parent window from child window, but vice versa too. My idea was to manipulate child window from parent window. I was wrong.

编辑:这是不可能的,因为它不仅不可能从子窗口操纵父窗口,反之亦然。我的想法是从父窗口操纵子窗口。我错了。

4 个解决方案

#1


12  

If I understand correctly, all modern browsers do now allow to do this. So I'm here to find the best solution.

如果我理解正确,现在所有现代浏览器都允许这样做。所以我在这里找到最好的解决方案。

This is your solution. What you're asking is not possible.

这是你的解决方案。你问的是不可能的。

See related questions:

查看相关问题:

EDIT

编辑

As mentioned in the comments below, @JeremysAwesome's answer offers a method that would allow cross-domain requests under certain circumstances. See the SO question below for more information.

如下面的评论中所述,@ JeremysAwesome的答案提供了一种在某些情况下允许跨域请求的方法。有关详细信息,请参阅下面的SO问题。

Ways to circumvent the same-origin policy

如何规避同源政策

#2


36  

If I were you I would check out window.postMessage. It may do what you want:

如果我是你,我会看看window.postMessage。它可以做你想要的:

For reference see the following:

供参考,请参阅以下内容:

#3


6  

but you can change the src attribute of the iframe (adding a #hashtag for example) and listen to the onhashchange event in the child window. Given that you're in position to change both pages.

但您可以更改iframe的src属性(例如添加#hashtag)并在子窗口中侦听onhashchange事件。鉴于您有能力更改两个页面。

#4


-3  

set a variable/item in sessionStorage and use it on both sides as you wish. localStorage can do it for longer times.

在sessionStorage中设置变量/项目,并根据需要在两侧使用它。 localStorage可以做更长的时间。

security risk is someone uses and manipulates this to hijack your side. BUT if someone wants to do so - there will allways be a possibility.

安全风险是有人使用和操纵这个来劫持你的一方。但如果有人想这样做 - 总会有可能。

Remember: Life finds a way... ;-)

记住:生活找到了方法...... ;-)

#1


12  

If I understand correctly, all modern browsers do now allow to do this. So I'm here to find the best solution.

如果我理解正确,现在所有现代浏览器都允许这样做。所以我在这里找到最好的解决方案。

This is your solution. What you're asking is not possible.

这是你的解决方案。你问的是不可能的。

See related questions:

查看相关问题:

EDIT

编辑

As mentioned in the comments below, @JeremysAwesome's answer offers a method that would allow cross-domain requests under certain circumstances. See the SO question below for more information.

如下面的评论中所述,@ JeremysAwesome的答案提供了一种在某些情况下允许跨域请求的方法。有关详细信息,请参阅下面的SO问题。

Ways to circumvent the same-origin policy

如何规避同源政策

#2


36  

If I were you I would check out window.postMessage. It may do what you want:

如果我是你,我会看看window.postMessage。它可以做你想要的:

For reference see the following:

供参考,请参阅以下内容:

#3


6  

but you can change the src attribute of the iframe (adding a #hashtag for example) and listen to the onhashchange event in the child window. Given that you're in position to change both pages.

但您可以更改iframe的src属性(例如添加#hashtag)并在子窗口中侦听onhashchange事件。鉴于您有能力更改两个页面。

#4


-3  

set a variable/item in sessionStorage and use it on both sides as you wish. localStorage can do it for longer times.

在sessionStorage中设置变量/项目,并根据需要在两侧使用它。 localStorage可以做更长的时间。

security risk is someone uses and manipulates this to hijack your side. BUT if someone wants to do so - there will allways be a possibility.

安全风险是有人使用和操纵这个来劫持你的一方。但如果有人想这样做 - 总会有可能。

Remember: Life finds a way... ;-)

记住:生活找到了方法...... ;-)