This question already has an answer here:
这个问题已经有了答案:
- Cross domain iframe issue 2 answers
- 交叉域iframe问题2的答案
I have an iframe for a cross-domain site. I want to read the DOM of the iframe, which I believed was possible because using the inspector, I can even modify the DOM of an iframe. Every way I attempt to read it, however, I run into the same origin policy. All I want, is the content loaded in my local DOM, from the iframe. I thought it would be as simple as $(document.body).find('iframe').html(), but that's returning the empty string.
我有一个跨域站点的iframe。我想要读取iframe的DOM,我认为这是可能的,因为使用检查器,我甚至可以修改iframe的DOM。然而,每次我试图读它的时候,我都遇到了相同的起源策略。我想要的,是从iframe加载到本地DOM中的内容。我原以为它和$(document.body).find('iframe').html()一样简单,但它返回的是空字符串。
I really hope there's a way to do this since the work I've been doing for the last several days has been predicated on this being do-able.
我真的希望有一种方法可以做到这一点,因为我最近几天一直在做的工作已经预测到这是可行的。
Thanks
谢谢
5 个解决方案
#1
56
You can't. XSS protection. Cross site contents can not be read by javascript. No major browser will allow you that. I'm sorry, but this is a design flaw, you should drop the idea.
你不能。XSS的保护。javascript不能读取跨站点内容。没有主流浏览器会允许你这么做。很抱歉,这是一个设计缺陷,你应该放弃这个想法。
EDIT
编辑
Note that if you have editing access to the website loaded into the iframe, you can use postMessage (also see the browser compatibility)
注意,如果您有对加载到iframe中的网站的编辑访问权限,您可以使用postMessage(还可以查看浏览器兼容性)
#2
8
There is a simple way.
有一个简单的方法。
-
You create an iframe which have for source something like "http://your-domain.com/index.php?url=http://the-site-you-want-to-get.com/unicorn
您可以创建一个iframe,它的源代码有“http://your-domain.com/index.php?
-
Then, you just get this url with $_GET and display the contents with file_get_contents($_GET['url']);
然后,您只需使用$_GET获得这个url并使用file_get_contents($_GET['url'])显示内容;
You will obtain an iframe which has a domain same than yours, then you will be able to use the $("iframe").contents().find("body") to manipulate the content.
您将获得一个具有与您的域相同的域的iframe,然后您将能够使用$(“iframe”).contents().find(“body”)来操作内容。
#3
7
If you have access to the iframed page you could use something like easyXDM to make function calls in the iframe and return the data.
如果您能够访问iframe页面,您可以使用easyXDM之类的工具在iframe中进行函数调用并返回数据。
If you don't have access to the iframed page you will have to use a server side solution. With PHP you could do something quick and dirty like:
如果您无法访问iframe页面,您将不得不使用服务器端解决方案。使用PHP,您可以做一些快速而肮脏的事情:
<?php echo file_get_contents('http://url_of_the_iframe/content.php'); ?>
#4
4
If you have an access to that domain/iframe that is loaded, then you can use window.postMessage to communicate between iframe and the main window.
如果您可以访问加载的域/iframe,那么您可以使用window。在iframe和主窗口之间通信的postMessage。
Read the DOM with JavaScript in iframe and send it via postMessage to the top window.
在iframe中使用JavaScript读取DOM并通过postMessage发送到顶部窗口。
More info here: https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
更多信息:https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
#5
-3
There's a workaround to achieve it.
有一个变通的办法来实现它。
-
First, bind your iframe to a target page with relative url. The browsers will treat the site in iframe the same domain with your website.
首先,将iframe绑定到具有相对url的目标页面。浏览器将在iframe与你的网站相同的领域处理网站。
-
In your web server, using a rewrite module to redirect request from the relative url to absolute url. If you use IIS, I recommend you check on IIRF module.
在您的web服务器中,使用重写模块将请求从相对url重定向到绝对url。如果您使用IIS,我建议您检查IIRF模块。
#1
56
You can't. XSS protection. Cross site contents can not be read by javascript. No major browser will allow you that. I'm sorry, but this is a design flaw, you should drop the idea.
你不能。XSS的保护。javascript不能读取跨站点内容。没有主流浏览器会允许你这么做。很抱歉,这是一个设计缺陷,你应该放弃这个想法。
EDIT
编辑
Note that if you have editing access to the website loaded into the iframe, you can use postMessage (also see the browser compatibility)
注意,如果您有对加载到iframe中的网站的编辑访问权限,您可以使用postMessage(还可以查看浏览器兼容性)
#2
8
There is a simple way.
有一个简单的方法。
-
You create an iframe which have for source something like "http://your-domain.com/index.php?url=http://the-site-you-want-to-get.com/unicorn
您可以创建一个iframe,它的源代码有“http://your-domain.com/index.php?
-
Then, you just get this url with $_GET and display the contents with file_get_contents($_GET['url']);
然后,您只需使用$_GET获得这个url并使用file_get_contents($_GET['url'])显示内容;
You will obtain an iframe which has a domain same than yours, then you will be able to use the $("iframe").contents().find("body") to manipulate the content.
您将获得一个具有与您的域相同的域的iframe,然后您将能够使用$(“iframe”).contents().find(“body”)来操作内容。
#3
7
If you have access to the iframed page you could use something like easyXDM to make function calls in the iframe and return the data.
如果您能够访问iframe页面,您可以使用easyXDM之类的工具在iframe中进行函数调用并返回数据。
If you don't have access to the iframed page you will have to use a server side solution. With PHP you could do something quick and dirty like:
如果您无法访问iframe页面,您将不得不使用服务器端解决方案。使用PHP,您可以做一些快速而肮脏的事情:
<?php echo file_get_contents('http://url_of_the_iframe/content.php'); ?>
#4
4
If you have an access to that domain/iframe that is loaded, then you can use window.postMessage to communicate between iframe and the main window.
如果您可以访问加载的域/iframe,那么您可以使用window。在iframe和主窗口之间通信的postMessage。
Read the DOM with JavaScript in iframe and send it via postMessage to the top window.
在iframe中使用JavaScript读取DOM并通过postMessage发送到顶部窗口。
More info here: https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
更多信息:https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
#5
-3
There's a workaround to achieve it.
有一个变通的办法来实现它。
-
First, bind your iframe to a target page with relative url. The browsers will treat the site in iframe the same domain with your website.
首先,将iframe绑定到具有相对url的目标页面。浏览器将在iframe与你的网站相同的领域处理网站。
-
In your web server, using a rewrite module to redirect request from the relative url to absolute url. If you use IIS, I recommend you check on IIRF module.
在您的web服务器中,使用重写模块将请求从相对url重定向到绝对url。如果您使用IIS,我建议您检查IIRF模块。