3

On the website http://imaginaryman-test.blogspot.com/ the typewriter is inside of an IFAME . Everything works correctly on all browsers when you go to the site directly http://castedspell.com/mark/ but when viewing the version embeded in an IFRAME it does not work on IE and throws errors in Chrome.

Unsafe JavaScript attempt to access frame with URL http://imaginaryman-test.blogspot.com/ from frame with URL http://castedspell.com/mark/. Domains, protocols and ports must match.

This is the source code for the embedded IFRAME https://github.com/totheleftpanda/typeWrite/tree/master/mark

I understand that this is a security problem but I don`t know how to fix it and can not find any material that would help me solve the issue.

Improve this question
2
  • 1
    No one has answered the basic question of why this does not work. Commented Jul 14, 2011 at 18:13
  • I see the error before anything happens with the swf. Can you try commenting out the swf embed and see if you still see the errors in chrome? Commented Jul 15, 2011 at 2:13

5 Answers 5

Reset to default
3
+25

The easiest method is to set a PHP (or any server language) proxy that just gets the content of the page from the other domain and outputs it. The only real drawback is that the cookies of the client for the remote domain aren't sent.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

And if you really can't do it, try developer.mozilla.org/en/DOM/window.postMessage but that'll only work if you control both sites.
1

Take a look at http://benalman.com/projects/jquery-postmessage-plugin/. This is a jquery plugin that sends message between the two frames. The two frames do not need to be on the same domain. But you do need to access both pages to be able modify them. I also wrote a post here that answers communication between iframes. How to capture clicks from iframe on another domain?

Improve this answer

Comments

1

Your only chance is something like easyXDM. (or do it manually using the hash, but would prefer easyXDM)

See the SO answer: Cross-domain hash change communication

eg. if you wanna call a method:
http://easyxdm.net/wp/2010/03/17/remote-procedure-calls-rpc/

EDIT:

If I try your demo in firefox I don't get the "Unsafe JavaScript attempt to access" error at all. But in Chrome it's thrown many times.
You have so much other code in your example that I'm not even sure that your code causes the problem. You should do a very limited/basic test to see if your flash-communication works, without all those other javascripts.

Improve this answer

3 Comments

What call is cross domain? The flash app that I am calling is inside the Iframe.
you are using javascript to call a method within the iframe which is on another domain... so it's cross domain
Even though the JS is in the I frame. That makes no sense it only throws errors relating to the Flash interface which is also nested in the Iframe.
0

I have had similar issues with this before. Basically if you have an iframe that contains a page from a domain that differs from the main page's domain, javascript will not be able to cross the boundaries between them. Javascript within the iframe will be able to talk within the iframe, javascript in the main page will be able to talk within the main page, but they will not be able to talk to each other.

This is a security issue that aims to stop cross-site scripting attacks. There are a number of hacks that you can put in place to get around this problem but they are all (or at least the ones I know of) rather hairy.

Here are some questions that you should answer before trying to go further:

1) What exactly are you trying to do between the pages using javascript?
2) Do you have access to the source of both pages?

Improve this answer

3 Comments

1)I do have access to both sources of the pages. 2)I was not trying to access anything between the pages I did not believe. I am trying to call an external flash function from the IFRAME within that same IFRAME. Could it be that the flash player is exporting the JS functions to the outer window?
Hmmmmm. I do not think that the flash player would be trying to export JS functions to the outer window. The only thing that it could potentially be doing would be injecting javascript to the iframe which then attempts to access parent.somethingOrOther. If you're saying that you're calling an external flash function, then what are you using to call the external function? Javascript?
Yes I am exporting the playSound() function from flash to JS using flashes external interface library github.com/totheleftpanda/Brujita/blob/master/www/mark/…
0

It may be waaay simpler than the above answers. It looks like this function:

function playSound(){
    swf.playSound();
}

Is written in the DOM timeline before swf is actually assigned to the swfObject in the function below it.

I would recommend moving that function down further and then retest.

Improve this answer

2 Comments

Defining a function doesn't call it.
That's already in the code, I'm not suggesting writing a new function. What I'm saying is that the function "playSound" is defined before swf has methods attached to it, ergo, swf.playSound() will be an undefined method according to IE's DOM

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.