By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,847 Members | 3,242 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,847 IT Pros & Developers. It's quick & easy.

cross domain scripting problem in IE6 (not IE7)

P: n/a
Hi
We have a website that has just had some SSL changes made to it.
Specifically the iframe src was changed to 'javascript:new String("")'
as about:blank prompts a message about "mixed content on pages'

Now we get a message "Access is denied" when accessing anything in an
iframe using
TopDocument().frames["iframe_theID']

TopDocument() is top.window.document (I think its the equivilent)

This is in IE6, this same code works in IE7. This is also only off one
machine, when installed on another machine it seems to work. Begs the
question what happens when it goes to customers (yes, some still have
IE6)

Any ideas?
Sep 22 '08 #1
Share this Question
Share on Google+
4 Replies


P: n/a
co**********@googlemail.com writes:
Hi
We have a website that has just had some SSL changes made to it.
Specifically the iframe src was changed to 'javascript:new String("")'
as about:blank prompts a message about "mixed content on pages'
Ugh.
Now we get a message "Access is denied" when accessing anything in an
iframe using
TopDocument().frames["iframe_theID']

TopDocument() is top.window.document (I think its the equivilent)
It's probably not.
This is in IE6, this same code works in IE7. This is also only off one
machine, when installed on another machine it seems to work. Begs the
question what happens when it goes to customers (yes, some still have
IE6)
Any particular reason you don't initialize the iframe with a blank page
hosted on the same server as the rest of the page?

--
Joost Diepenmaat | blog: http://joost.zeekat.nl/ | work: http://zeekat.nl/
Sep 22 '08 #2

P: n/a
On 22 Sep, 17:44, Joost Diepenmaat <jo...@zeekat.nlwrote:
codefragm...@googlemail.com writes:
Hi
* We have a website that has just had some SSL changes made to it.
Specifically the iframe src was changed to 'javascript:new String("")'
as about:blank prompts a message about "mixed content on pages'

Ugh.
Now we get a message "Access is denied" when accessing anything in an
iframe using
TopDocument().frames["iframe_theID']
TopDocument() is top.window.document (I think its the equivilent)

It's probably not.
This is in IE6, this same code works in IE7. This is also only off one
machine, when installed on another machine it seems to work. Begs the
question what happens when it goes to customers (yes, some still have
IE6)

Any particular reason you don't initialize the iframe with a blank page
hosted on the same server as the rest of the page?

--
Joost Diepenmaat | blog:http://joost.zeekat.nl/| work:http://zeekat.nl/

Assuming I have a blank page at the root of my website/virtual
directory, I don't know how my website has been deployed, and the
iframe is being created from some nested url do you have some example
javascript?

Sep 23 '08 #3

P: n/a
co**********@googlemail.com writes:
On 22 Sep, 17:44, Joost Diepenmaat <jo...@zeekat.nlwrote:
>codefragm...@googlemail.com writes:
Hi
* We have a website that has just had some SSL changes made to it.
Specifically the iframe src was changed to 'javascript:new String("")'
as about:blank prompts a message about "mixed content on pages'

Ugh.
[ ... ]
Assuming I have a blank page at the root of my website/virtual
directory, I don't know how my website has been deployed, and the
iframe is being created from some nested url do you have some example
javascript?
Assuming your initial html file is in the same "directory":

<iframe src="blank_page.html"></iframe>
--
Joost Diepenmaat | blog: http://joost.zeekat.nl/ | work: http://zeekat.nl/
Sep 23 '08 #4

P: n/a
Assuming I have a blank page at the root of my website/virtual
directory, I don't know how my website has been deployed, and the
iframe is being created from some nested url do you have some example
javascript?

Assuming your initial html file is in the same "directory":

<iframe src="blank_page.html"></iframe>
It won't be in the majority of cases, i.e. we use lots of iframes on
many different pages for various reasons. The problem I have is that
the url for my site might be
http://machine:port/Base (website)

or

http://machine:port/vdname/Base (virtual directory)

location only seems to give you address up to the port while vdname
(virtual directory name) is unknown.

Also the webpages (70+) are all in various folders so the iframe is
likely to be on a page somewhere in a folder but not at the root. I
don't want to put blank.html files in every folder.

This is asp.net so I can use that to get the url but I -believe- (may
not be true) that the folder asp.net shows you may not be the real
one, due to some kind of mapping?

thanks for the reply
Sep 23 '08 #5

This discussion thread is closed

Replies have been disabled for this discussion.