Cant close an iframe in google chrome - javascript

im using an iframe from the fancybox plugin. I can close the iframe in every browser excpect google chrome with the javascript order:
parent.$.fancybox.close();
or:
parent.jQuery.fancybox.close();
just google chrome refuses to do his job in this case.
The error message of the console is:
Unsafe JavaScript attempt to access frame with URL file:///C:/Users/exampleuser/Desktop/index.html from frame with URL file:///C:/Users/exampleuser/Desktop/Version42/index.html#. Domains, protocols and ports must match.
pidgin.js:357Uncaught TypeError: Cannot read property 'fancybox' of undefined
My frame is local at the moment if that matters.

Try using parent.postMessage() (described here) and listen in on window.onmessage at the parent to invoke $.fancybox.close().

Nothing wrong with your code but Google Chrome won't let you work with ajax or iframes (and fancybox) locally. You need to upload your files to a server to make it work.

Related

Clicking reCaptchas in JavaScript

I am working on a project, and it involves me clicking a reCaptcha element (iframe) in JavaScript. I have found multiple ways to detect if there is a reCaptcha element (".g-recaptcha", role='presentation' on the iframe itself, etc) however upon trying to click it I get console errors. Note that right now I am just executing the code in the web console, and have not actually programmed it into an extension. Basically, the command I am trying to run the console is :
document.querySelector('[role="presentation"]').contentWindow.document.getElementById("recaptcha-anchor").click()
The reason this "should" work is because the iframe element has the unique attribute of "role=presentation", it then goes into the html code embedded in the iframe and tries to click the little box, as noted by "recaptcha-anchor". However, testing this code grants me the following error:
VM8195:1 Uncaught DOMException: Blocked a frame with origin "https://minecraft.buzz" from accessing a cross-origin frame.
at <anonymous>:1:62
(anonymous) # VM8195:1
Does someone have any ways to get around this, or potentially know how I could code something in a JS chrome extension to do this?

trying to use window.opener technique to call parent js function from child popup window?

I'm trying to use the js window.opener technique to return a selected value from a child window back to a parent js function. Here's a url to a zip file where I set up a basic poc:
https://www.dropbox.com/s/gle9sou3gj770ej/WindowOpenerPOC.zip
LaunchPage.html is used to open ResolveCaseDialog.html. The Submit button on ResolveCaseDialog submits the selected "Resolution Type" value to window.opener.ProcessReturnValue().
However, when I click the Submit button, the ResolveCaseDialog js throws the following exception: "Uncaught SecurityError: Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match."
Can you please take a look at this setup and let me know if there's a trick to making this work that I'm missing?
I'm on a similar problem too, you have to use
opener.ProcessReturnValue();
instead of
window.opener.ProcessReturnValue()
This works for Internet Explorer but doesen't work on Chrome.
Now the problem is that is not specified the port.
We are a step forward but the problem isn't resolved yet.
Here there is an example:
call opener function
The main page is testA, that calls testB.

Using Google Drive in an iFrame doesn't work

I'm running into some problems using Google Drive in an iFrame. Normally, using it in an iFrame wouldn't be a good idea anyways, but this is for teaching Google Drive, where a student codes up something and then they can preview it.
The preview needs to happen in an iFrame, because that way it's sandboxed, and won't potentially disturb the rest of the page. I've been attempting to do this in a few different ways. I'm thinking it's related to a limitation of using OAuth an iframe, but open to other suggestions.
Here's the non-iframe version which works. This just sets up a Google Picker using my client_id and developer_key. It works fine. http://sandbox.codeschool.com.s3.amazonaws.com/dart/drive.html
Attempt #1
If you try to run this same script in an iframe, things go wrong. Here's an example of this:
http://sandbox.codeschool.com.s3.amazonaws.com/dart/loader-src.html
The entire code for this page is
<iframe height='600' width='800' src='drive.html' sandbox='allow-scripts'></iframe>
Google loader gapi loads, and calls the auth callback correctly, but the script doesn't properly load. This gives this error on this code:
gapi.auth.authorize({
'client_id': clientId,
'scope': ['https://www.googleapis.com/auth/drive']
}, handleAuthentication);
Uncaught TypeError: Cannot call method 'authorize' of undefined
Uncaught TypeError: Cannot read property 'prototype' of undefined
So somehow Google Drive is saying the library loaded, but auth isn't being defined.
Attempt #2
Rather than loading everything in from an iframe via the src, attempting to create an iframe dynamically via JavaScript and write the content in. Here's the link to this example: http://sandbox.codeschool.com.s3.amazonaws.com/dart/loader-js.html Basically something like this:
iframe = document.getElementsByTagName('iframe')[0];
iframe.sandbox = 'allow-scripts';
doc = iframe.contentDocument;
doc.open();
doc.write(htmlContent());
doc.close();
This seems to get us a step farther. Rather than getting the JS error on authorize, the script progresses down to where it creates the picker before failing when it tries to set the developer key.
This gives an error: "The API developer key is invalid.".
I'm initially thinking this is because the browser key referrers are set wrong. Here's what they're set at for this developer key:
http://sandbox.codeschool.com.s3.amazonaws.com/*
http://*
*
Last two were really just to test things. Anyone have any suggestions on possible ways of getting around this restriction?

addthis: JS security error for addthis utility frame

I'm trying to use addthis on my page. When using Chrome, I receive a JavaScript security error.
Unsafe JavaScript attempt to access frame with URL <AddThis url> from frame with URL <local url>. Domains, protocols and ports must match.
The only frame I've got in this page is an AddThis-generated one, with the title "AddThis utility frame".
Is there any way to get over this?
I've seen this in addthis's implementation of nucaptcha for their version 250. Try upgrading to their 300 version, they went back to recaptcha.

accessing func in iframe. local to online

HI, i got a simple html page, localy with an iframe. the iframe includes a generated page which got a javascript function. i know want to call that function. of course, im getting "permission denied". so since im new to js and all that stuff i dont know if it's actually possible to do that. give me some hints for searching or a nice solution.
i do cal lthe func like: parent.myiframe.myfunc();
I guess the page in the iframe resides on another server / domain. Modern browser do not allow "cross site scripting", see: http://de.wikipedia.org/wiki/Cross-Site_Scripting
If possible, move the site in the iframe to the same server. An alternative (workaround) would be to proxy the page on the local server, so that that for the client it seems to be loaded from the same domain.
Edit: This is also called a "Same Origin Policy". You can only call java script functions in a document that is:
from the same domain (www.mydomain.com)
from the same subdomain (mail.mydomain.com <- no go!)
both use the same port (p.Ex.
accessing a http://... document from
a http*s*:// document won't work).
There might be another workaround if you have access to the iframe's source:
Change the iframe domain to the same as the outer frame's, by applying:
document.domain = "domain.com";
in the iframe source (see http://ajaxian.com/archives/how-to-make-xmlhttprequest-calls-to-another-server-in-your-domain for more information).
Also there is a Draft for "Cross-Origin Resource Sharing" (http://www.w3.org/TR/cors/) that is already partially implemented in several browser, see: http://www.webdavsystem.com/ajax/programming/cross_origin_requests

Categories