I have an iFrame inside my HTML code.
This iFrame has a javascript that shows Window.alert() popups.
How can I prevent them from appearing? and also prevent the iFrame from interacting with my window?
I'm using GWT's Frame If that's relevent.
== EDIT ==
The iFrame is not in the same domain as my website so i can't access the Javascript code from the iFrame
For browsers that support the sandbox attribute on <iframe>s, you can disable ALL JavaScript (including alerts).
<iframe sandbox src="..."></iframe>
I know this is a bit late, but I have an improvement to philfreo's answer. Iframe sandbox has an allow-popups attribute you can exclude. Try this: <iframe sandbox="allow-scripts allow-forms allow-pointer-lock allow-same-origin" src="..."></iframe>
As your iframe is not in the same domain, it's impossible to script it (and remove the alert) because of the Same origin Policy
I'm sorry, but that's the answer
Cheers
I have tried to solve you issue.
So I found a way to help you.
Here is my way.
document.getElementById('iframe-src').contentWindow.alert = function(){}
And this way worked well.
Cheers
sandbox attribute will help you to block alert() from iframe
<iframe sandbox src="..."></iframe>
Related
I have this code:
<iframe sandbox="allow-scripts allow-same-origin"
src="//sportsbay.org/embed/72691/1/fc-juarez-vs-chivas-guadalajara-live.html"
width="100%" height="100%" frameborder="0"></iframe>
If I use it without: sandbox="allow-scripts allow-same-origin" it works well.
But when I add the sandbox code it says: "Sandboxing is not allowed"
Is it possible to somehow force to use sandbox without getting that error?
No.
The site has code which detects it is sandboxed and refuses to display the content when it is.
Presumably, this is because they use features you are blocking in order to make money on their (looks at the name of the site) presumably copyright-infringing content.
I am trying to grab the Iframe from here:
http://www.neighbourhood.statistics.gov.uk/HTMLDocs/dvc126/
The code is here:
<iframe width=940 height=700 src="http://www.neighbourhood.statistics.gov.uk/HTMLDocs/dvc126/" scrolling=no frameborder=0/>
but when I add it in the plain text editor on WP it does not work, just a huge white space.
Now I am thinking this is a problem with the Iframe itself? It has no tag, so maybe this is why?
Check if your browser supports iframe or not. Check
<iframe src='https://docs.google.com/viewer?url=https://docs.google.com/document/d/125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE/export?format%3Dpdf&id=125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE&embedded=false' frameborder='0'></iframe>
after this code I have next error
Refused to display 'https://docs.google.com/a/myrussiaonline.ru/viewer?url=https://docs.google.…ormat%3Dpdf&id=125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE&embedded=false' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
If I set
<iframe src='https://docs.google.com/viewer?url=https://docs.google.com/document/d/125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE/export?format%3Dpdf&id=125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE&embedded=true' frameborder='0'></iframe>
Then, all fine
Can I set &embedded=false and have correct render without error?
Thanks
The only way I've found to get the Google Docs Viewer to work in an iframe is:
<iframe src="https://docs.google.com/viewer?srcid=[YOUR_FILE'S_ID_HERE]&pid=explorer&efh=false&a=v&chrome=false&embedded=true" width="800" height="600" style="border: none;"></iframe>
Try this tutorial-
https://www.youtube.com/embed/A5SkbcId-v0
U should have your answer.
Update-
According to Google Policy, if u like to have your document viewed with a iFrame, then embedded=true should be in the URL.
Demo Code-
<iframe src='https://docs.google.com/viewer?url=https://docs.google.com/document/d/125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE/export?format%3Dpdf&id=125CJmmlBfy7UgfYuBAmb1_HSCuyz8NV133361KTK1SE&embedded=true' frameborder='0'></iframe>
First you should go to your document on google drive :
click file
publish to the web
embed
publish
You will get the code of the iframe you can use it to visualize your spreadsheet without the possibility to edit it
No, you can not, this parameter is specify that source would be embedded. And the idea behind using it is to avoid clickjacking attacks
I'm loading an iframe with jquery and I would like to scrape content from the iFrame.
The content is on a diffrent domain than my own.
For some reason I keep getting the alert as "undefined".
<iframe id="myiframe" src="http://www.cnn.com" style="width:1000px; height:300px;"></iframe>
<script>
setTimeout(function() {
alert($("#myiframe").children("div").html());
},5500);
</script>
You can't do anything with iframe content if content belongs to other domain.
This is short but full answer for this question
There is no way around it but to use a proxy - but I would question whether there would be legal issues in doing so.
Read here https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
The return value of document.location.href will become javascript:window["contents"] sometimes.
When it will happened? how to avoid it?
I found out
The code is placed in an iframe without src url.
<iframe id="google_ads_iframe_/21202031/LTN-000-03-HOME-120X600-DISPLAY_0" name="google_ads_iframe_/21202031/LTN-000-03-HOME-120X600-DISPLAY_0" width="120" height="600" scrolling="no" marginwidth="0" marginheight="0" frameborder="0" src="javascript:"<html><body style='background:transparent'></body></html>"" style="border: 0px; vertical-align: bottom;"></iframe>
As you already have suspected, this indeed has to do with (I)Frames and more specifically, the way some scripts/libraries work with those frames.
It is a technique to avoid a ReferenceError (in IE) in some cases when loading an external javascript (that is loaded asynchronous) which holds/provides variables/objects that are used in the frame's inline-script-source.
To quote the most relevant part from an article called 'inject content into a new iframe' :
Instead of using document.open/write/close we use the following
approach:
iframe.contentWindow.contents = content;
iframe.src = 'javascript:window["contents"]';
First, we assign the dynamic content to a variable on the iframe’s
window object. Then we invoke it via the javascript: scheme. This not
only renders the HTML properly, but loads and executes the scripts in
the desired order.
This is also in-line with a similar answer on SO.
Hope this helps!
For me I have 3 tabs that open with Internet Explorer ... Yahoo, MSN and my email account. Went to "tools" >Internet Options and removed Yahoo, okay and closed. After I verified that I no longer got the java script error tab I reinstalled Yahoo and that solved the problem.