Similar to the posts below:
Set focus on iframe in Chrome
Setting focus to iframe contents
From the root/parent I want to be able to pass focus to the iframe.
Anything that may be in focus in the iframe is fine.
iframe.contentWindow.focus();
However, the iframe.contentWindow is not accessible because its a cross-origin frame.
Seems like the answer is: not possible.
If there is a script running in the iframe you can directly call focus from there.
Related
I'm trying to use jQuery to modify an element that's "injected" externally. I've tried delegation with on but it didn't work.
Here's the page, scroll down and you'll see an avatar named "Sebastian" with <div class="Avatar">.
If I go right click, Console and type: $('.Avatar'), the element is identified, but this is only because I first clicked on "Inspect element" for that element. jQuery somehow "updated" the source and now it identifies the element.
Now, try to refresh the page and type $('.Avatar') again, jQuery will not identify the element (although it's already loaded on the page).
You can take a look under "A working example" how this script is injected into the page.
My question is, is it possible (and if so, how) to modify this HTML (which seems to be inserted dynamically as the page is loaded)? It doesn't seem to be using any sort of iFrame nor anything, it just dynamically loads into the page, yet jQuery is unable to recognize it (unless you "tell it" to do so by clicking on "Inspect element" on the actual element).
P.S. I've tried using on, delegate, it doesn't work.
jQuery will not identify the element after page because it's in another iframe.
You said "It doesn't seem to be using any sort of iFrame nor anything", but in the end it's iframe.
The reason why you can find it when you go right click on element and then in developers tools you write $('.Avatar') is because once you inspect element (right click) inside developer tool iframe will change.
Furthermore, your parent iframe and iframe that have avatar element have same origin. Run document.domain inside parent and other iframe. Iframe with avatar have origin "app.talkjs.com" and parent iframe have origin"talkjs.com".
Subdomains may be same-origin.
There’s a small exclusion in the “Same Origin” policy.
If windows share the same second-level domain, for instance john.site.com, peter.site.com and site.com (so that their common second-level domain is site.com), they can be treated as coming from the “same origin”.
https://javascript.info/cross-window-communication
You should be able to catch onload iframe event and then search for .avatar.
iframe.onload = function() {
let newDoc = iframe.contentDocument;
console.log(newDoc.getElementsByClassName("avatar");
};
So I've read about the HTML5 sandbox property and I understand that if I want to prevent an iframe redirect its parent window I can use the sandbox property leaving allow-top-navigation out. However when this is done, if the iframe was originally relying on top level redirection, what happens in its place is that it redirects to a blank page, effectively breaking navigation.
Can I prevent the iframe from tinkering its parent window while still allowing "top level" redirects, only letting these work within the context of the iframe instead of being top level?
Edit: For context, I'm working with a third party and its page has a form with a target _top. If the iframe is sandboxed, upon submitting the form users get a blank page, if it's not sandboxed the entire page is redirected. I'm looking for something that would allow to submit the form and show the result within the iframe itself.
With HTML5 the iframe sandbox attribute was added.
At the time of writing this works on Chrome, Safari, Firefox and recent versions of IE and Opera but does pretty much what you want:
Allows the iframe content to be treated as being from the same origin as the containing document
<iframe src="url" sandbox="allow-same-origin"></iframe>
Browser Compatibility
Some Useful links
w3schools for sandbox
developer.mozilla.org iframe
-
You can use the onbeforeunload property and determine if you wan to redirect or not.
Here is the docs page for it
Basically what I would try is this:
Make a function that adds the sandbox attribute with everything, just leaving out the allow-top-navigation, to the iframe
Bind a function to the onbeforeunload property of the iframe that calls the function that adds the sandbox attribute (be sure not to return anything because a dialog will pop-up)
This should work because the request is made in the iframe first, and then we can prevent it from carrying over to our top level window.
Another thing you should check is if you maybe left out the allow-formsoption, which can cause what you are describing.
Please let me know if any of this worked.
I have a domain,
example.com
Iframe's source is,
server1.example1.com
The problem is, I would like to refresh the iframe with JavaScript inside my iframe, when I location.reload() the page, Iframe loads empty and this only happens in chrome, How can I fix this?
perhaps try this:
// Reload the current page, without using the cache
document.location.reload(true);
source: https://developer.mozilla.org/en-US/docs/Web/API/Location.reload
I know Chrome does some pretty clever things with its cache, so maybe that will help.
right click and reload frame, seriousle:
If the iframe was not on a different domain, you could do something like this:
document.getElementById(FrameID).contentDocument.location.reload(true);
But since the iframe is on a different domain, you will be denied access to the iframe's contentDocument property by the same-origin policy.
But you can hackishly force the cross-domain iframe to reload if your code is running on the iframe's parent page, by setting it's src attribute to itself. Like this:
// hackishly force iframe to reload
var iframe = document.getElementById(FrameId);
iframe.src = iframe.src;
If you are trying to reload the iframe from another iframe, you are out of luck, that is not possible.
Im having a strange issue only in safari browser, im calling a parent window's javascript function from within a child iframe.
Initially the iframe's src will be an external site which will redirect to my site after the work is done. The redirect page contains the following three lines of code.
This seems to work in all browsers except safari.
The only call within the iframe is
<script>
self.parent.PARENT_FUNCTION("param");
</script>
Ive tried several other ways instead of self.parent like top.PARENT_FUNCTION,etc but still the main window's location seems to change.
One thing we noticed is that while the redirect is happening within the iframe, im getting a security certificate warning, once I clieck continue, then the browsers location changes to the new redirect url instead of just the iframe's src.
any clues what could the issue be ?.
Apparently the issue is with safari browser and invalid security certificate of the site within the iframe.
It basically does a frame busting and changes the main window's url if the site within the iframe is having an invalid ceritificate.
Is it possible ?
I've made on page with iframe, I want a script that'll click automatically inside in one iframe's link.
But I also want that script to detect half link, I mean the link which is in iframe changes everytime, but the first part of the link doesnt change, so the javascript should detect half link which doesnt change and redirect to it...
Why don't you write a "client" library and import it within iFrame. This library listen to a message from HTML5 postMessage call with certain attribute and react appropriately. Since you have access to the parent object through the event object (or window.parent), you can also send response back with the result. This way, it doesn't matter if it's cross-domain and as long as this library exists, you can communicate back-and-forth and even has the iFrame initiate if you write it properly.
I can't share the code with you since it's our proprietary library, but that's part of the idea.
If the content of your iframe is from a different domain, you can't. Allowing this would be a major security concern.
If your iframe content is in the same domain, then you can access the iframe content through its contentWindow property. You can then work with your iframe link the same way you would if the link was in the main page.