We often have the parent page and the IFRAME page operation, such as
<iframe id = "iframe" ></iframe>
The contents of this iframe are JS written. such as the following code
|1 2 3 4 5||var iframe = document.getElementById ("iframe"), doc = iframe.contentWindow.document; Doc.open (); Doc.write ("---------something------"); Doc.close ();|
The code above is right in most cases. But there is a situation, that is, the parent page explicitly written document.domain = "xxx";
In IE series (IE10 not tried) there will be no permissions error. And in Firefox, Chrome is fine.
Why is that? This is an IE bug, that is, the parent page does not explicitly set Document.domain, the IFRAME will default Document.domain and the parent page, which is
Location.host, the parent-child page is able to communicate, that is, the article header example, but when the parent page explicitly set the document.domain= "", iframe inside the page must also be explicitly set document.domain= "xxx", otherwise it is
Do not have access to iframe.contentWindow.document, that is, there is no way to dynamically write content, in fact, you can also let the iframe point to a specific page, this page explicitly set document.domain= "XXX", The square that begins with the article
The way to write, but the problem is that my parent page has a lot of such iframe, the number is unknown (are advertising bit), so also can not pass a specific page.
So the question comes, in this case, we seem to have no way
1. The parent page is set and must be explicitly set Document.domain
2.iframe page content needs JS dynamic generation.
3. No chance to set SRC for IFRAME.
This way you can explicitly set the document.domain of an IFRAME in line with the parent page.
After writing this, it is true that the requirement of dynamically writing the iframe content is realized, but this page will be bounced out, like window.open ();
What is this for? This is also the bug of IE series, that is, the parent page has <base target= "_blank" ></base>, and the content written by the pseudo protocol of IFRAME will pop up the new page like window.open,
However, the <base> of the parent page must be _self, so the target of base can be set to _self before the iframe.src is called, and the target of base will be set to _blank when the content is finished.
This solves the problem.
Although the pseudo protocol can solve this problem, there are also some risks, if not the last resort, do not use this method.