5

I'm getting this problem in Chrome (Running the files locally) when I try to change the src of an Iframe inside iframe, I am getting this Error Message

Error = Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a frame with origin "null" from accessing a frame with origin "null". Protocols, domains, and ports must match.

This the code that I'm using to retrieve the iframe

iframe = $("iframe").contents().find('iframe'); iframe.attr("src", url);`

I don't get this issue when I upload the files to the server. But if I open them locally I get the error.

It works good in firefox and safari.

How can i do this in chrome and in other browser ?

Improve this question
4
  • Why are you doing this? Seems like there may be a nicer approach than multi-layered iframes. Commented Mar 25, 2014 at 5:10
  • You are running into issues relating to Same Origin Policy. To test locally, make sure not to hard-code domain names. Commented Mar 25, 2014 at 5:10
  • It's a security feature in Chrome. Commented Mar 25, 2014 at 5:16
  • @user3232331 Not certain, 2 iframes ? Or 1 document with 1 iframe ? Thanks for sharing. Commented Mar 25, 2014 at 5:56

1 Answer 1

Reset to default
12

Security features built into all browsers ensure that Javascript cannot interact with objects in other windows and/or frames if those Windows or frames were loaded from a different site. This is commonly known as the "same origin policy". Whether something was loaded from a different site is determined by the hostname part of the URL. If for example the outer frame is loaded from http://yoursite.com and the inner frame is loaded from http://example.com then Javascript running in the scope of the outer frame will not be able to access or modify any properties or objects within the scope of the inner frame.

In this case the specific error is indicating that your Javascript, which is running in the context of the outer frame, is denied from accessing an object (contentDocument) whose scope is the inner frame. Hidden somewhere in the jQuery you are trying to use will be an implicit access to the frame's document element (as accessed by the contentDocument property of that iframe).

You may be able to work around this by destroying the iframe and re-creating a new iframe with the desired src.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.