Hello,
So we have a webmaster who sets document.domain to some domain. After
that, we try to create and inject text inside an iframe by getting the
iframeID.conten tDocument (or iframeID.conten tWindow.documen t for
MSIE). This results in an 'access denied' issue in MSIE (No problem in
Mozilla). Note that if there is document.domain initialization before
this iframe creation/content injection, there is no problem and all
works well.
To get around this issue, we tried to avoid accessing the iframe
document. Instead we assigned all the content to be injected to
iframe.src.
iframe.src='jav ascript:documen t.write("Conten ts to be injected")
This actually worked and even if there is a document.domain
declaration, we were able to successfully create and inject contents
inside the iframe.
The problem with this was that the maximum URL length in MSIE is 2K
characters. The value of iframe.src cannot be more than that. In our
case, we were going to be injecting contents over 2K all the time.
To address this, we did a work-around like this -
window.frames[iframe.name]['contents'] = "content to be injected";
iframe.src = 'javascript:doc ument.write(win dow["contents"])';
When we do this, it again results in an 'access denied' issue in MSIE
when document.domain is set before creating the iframe. But when
document.domain is not set, this method works well (as is expected).
I think I have explained my problem here - I want to be able to inject
contents inside an iframe and at the same time, have it work when we
have assignments for document.domain (and other similar attributes)
before the iframe creation/injection.
Appreciate any good tips/advise.
Thanks
So we have a webmaster who sets document.domain to some domain. After
that, we try to create and inject text inside an iframe by getting the
iframeID.conten tDocument (or iframeID.conten tWindow.documen t for
MSIE). This results in an 'access denied' issue in MSIE (No problem in
Mozilla). Note that if there is document.domain initialization before
this iframe creation/content injection, there is no problem and all
works well.
To get around this issue, we tried to avoid accessing the iframe
document. Instead we assigned all the content to be injected to
iframe.src.
iframe.src='jav ascript:documen t.write("Conten ts to be injected")
This actually worked and even if there is a document.domain
declaration, we were able to successfully create and inject contents
inside the iframe.
The problem with this was that the maximum URL length in MSIE is 2K
characters. The value of iframe.src cannot be more than that. In our
case, we were going to be injecting contents over 2K all the time.
To address this, we did a work-around like this -
window.frames[iframe.name]['contents'] = "content to be injected";
iframe.src = 'javascript:doc ument.write(win dow["contents"])';
When we do this, it again results in an 'access denied' issue in MSIE
when document.domain is set before creating the iframe. But when
document.domain is not set, this method works well (as is expected).
I think I have explained my problem here - I want to be able to inject
contents inside an iframe and at the same time, have it work when we
have assignments for document.domain (and other similar attributes)
before the iframe creation/injection.
Appreciate any good tips/advise.
Thanks
Comment