Using <Iframe> for cross-domain communication

What is an IFRAME

IFrame is our usual iframe tag:<iframe>. IFRAME tags are a form of the framework, also more commonly used, the IFRAME is generally used to include other pages, such as we can load other sites on our own website or other pages of the site content.

There are many uses of iframe , so let's say one of the more useful uses of IFRAME----cross-domain communication

Suppose that there are two systems a,b:a a certain page of the system is a part of the display of the content is B system, how to do?

<div class= "Modal-body" id= "Housekeeperbody" >

<iframe src= "http://erp.young51.com/user/indexIframe.action" name= "OpenartDialog14577934462321" frameborder= "0 "Allowtransparency=" true "style=" width:900px; height:565px; border:0px none; " >

This is the page you want to load.

</iframe>
</div>

Here the core property of the IFRAME is "src" it represents the page you want to refer to a request (here the SRC is actually a request to the B system, B will return you an HTML, if the B system is another responsible, then about the other side of the request you do not have to care about). Like other HTML tags, it has some other properties, such as the Name,height,style of the column, and so on.

There is a problem reading here.

JavaScript is not allowed to invoke objects of other pages across domains for security reasons. But the security restrictions also bring a lot of trouble to inject IFRAME or AJAX applications. Here are some simple things to sort out about cross-domain issues:

First what is cross-domain, simple to understand is because of the JavaScript homologous policy limitations, a.com domain name JS can not operate B.Com or c.a.com under the domain name of the object. A more detailed explanation can be seen in the following table:

Url

	Description	whether to allow communication
http://www.a.com/a.js http://www.a.com /b.js	under the same domain name	allow
http://www.a.com/lab/a.js http://www.a.com/script/b.js	different folders under the same domain name	allow
http://www.a.com:8000/a.js http://www.a.com/b.js	Same Domain name, different port	does not allow
http://www.a.com/a.js https://www.a.com/b.js	same domain name, different protocol	not allowed
http://www.a.com/a.js http://70.32.92.74/b.js	domain name and domain name corresponding IP	not allowed
HT Tp://www.a.com/a.js Http://script.a.com/b.js	primary domain same, subdomain different	not allowed
http://www.a.c Om/a.js http://a.com/b.js	same domain name, different level two domain name (ibid.)	not allowed (cookies are not allowed in this case)
http://w Ww.cnblogs.com/a.js Http://www.a.com/b.js	different domain names	do not allow

First, if it is a cross-domain problem caused by protocol and port "front desk" is powerless,

Second: On a cross-domain issue, the domain is only identified by the "header of the URL" and does not attempt to determine whether the same IP address corresponds to two domains or two domains on the same IP.
The "header of the url" refers to Window.location.protocol +window.location.host, which can also be understood as "Domains, protocols and ports must match".

My solution is: document.domain+iframe settings

for examples where the primary domain is the same and the subdomain is different, it can be resolved by setting the Document.domain method . Specifically, the http://www.a.com/a.html and http://script.a.com/b.html two files can be added document.domain = ' a.com ' And then create an IFRAME in the a.html file to control the contentdocument of the IFRAME so that the two JS files can "interact" with each other.

Using <Iframe> for cross-domain communication