问题
I would like to create a web page which is a main page that has one iframe whose content does not come from the same host as the main page but I would like to know which page the user is currently browsing in the iframe.
For example, I have a main page with a button bound with an Javascript event and an iframe that load content from a site like google.
A user can navigate the content in iframe as he wants but when the button in the main page is clicked, the current url in the iframe must be popped up.
I already tried it but since the same origin policy always applies, an error like this Permission denied to access property 'location' occurs. I do know that it makes sense according to SOP but I really need to do it. I would like to know if there is some hack that can do the trick or I have to admit the restriction and design my app the other way.
回答1:
If there was such a trick, it would make browser security invalid and expose privacy issues. These things are there for a reason.
You can disable this for YOURSELF, but bypassing it for others is evil.
See:
Disable same origin policy in Chrome
来源:https://stackoverflow.com/questions/8787775/know-which-page-the-user-is-browsing-in-iframe