iframe

问题 I have been reading a lot regarding iframes and clickjacking, and was not able to find the information I am looking for. Can you help me out with below questions? How does Iframe clickjacking spread? I have seen lot of articles which mentions editing of html code in the local machine and by the same they are able to hijack users click by adding an invisible button. But, this is a modified logic on a local machine of a user. I am interested in knowing is it possible to push this same code to

问题 I am trying to access the opener of a popup using the window.opener reference in the popup's script file. Consider the following script included in the popup.html: http ://localhost/test/popup.html <script> alert(window.opener.test_dom); </script> This works when no iframe is involved, we will see the alert message from popup.html: http ://localhost/test/base.html <html> ... <script> var test_dom = 'test_dom'; var popup = window.open("http://localhost/test/popup.html",... </script> </html>

问题 I would like to change the property of an element inside iframe in angular 2 typescript similar to the javascript code document.getElementById('iframeId').window.document.getElementById('home-grid').style.visibility = "hidden"; My Angular typescript code: var iframe = document.getElementById('iframeId'); var insideDoc = iframe.contentDocument || iframe.contentWindow.document; Error on compiling the code: stream.js:74 throw er; // Unhandled stream error in pipe. ^ Error: ./angularapp/web

问题 So, the error message is the security restriction to access a parent frame or window from within an (i)frame from a different domain. (Unsafe javascript attempt to access frame with URL xxx from frame with URL yyy. Domains, protocols, and ports must match). However, there is no line shown in webkit or chrome from where this error is generated. So how do I get a list of the lines that infringe upon this? I know I can just search, but does this apply to cookies as well (document.cookie, etc) ?

问题 So, the error message is the security restriction to access a parent frame or window from within an (i)frame from a different domain. (Unsafe javascript attempt to access frame with URL xxx from frame with URL yyy. Domains, protocols, and ports must match). However, there is no line shown in webkit or chrome from where this error is generated. So how do I get a list of the lines that infringe upon this? I know I can just search, but does this apply to cookies as well (document.cookie, etc) ?

问题 I have an Iframe for a page that allows people to sign up for my email newsletters. I want to auto fill the email field in the iframe based on the querystring url (page.html?email=email) I know how to do the querystring stuff, I'm just not sure If I'm able to access the input text box within the frame. The form or the textbox neither have id's they only have names. I've tried the following.. $("email_frame").contents.find('input[name=email]').append("test"); Any help would be great. 回答1: If

问题 In our application we have some elements that work with ajax. We offer users to embed parts of the app in an iframe. Everything work fine in Chrome and Mozilla. In Safari we get 422 error, and the server log looks like this: 2015-07-15T08:26:06.818885+00:00 app[web.1]: Completed 422 Unprocessable Entity in 4ms 2015-07-15T08:26:06.815411+00:00 app[web.1]: Can't verify CSRF token authenticity 2015-07-15T08:26:06.823389+00:00 app[web.1]: ActionController::InvalidAuthenticityToken

问题 In our application we have some elements that work with ajax. We offer users to embed parts of the app in an iframe. Everything work fine in Chrome and Mozilla. In Safari we get 422 error, and the server log looks like this: 2015-07-15T08:26:06.818885+00:00 app[web.1]: Completed 422 Unprocessable Entity in 4ms 2015-07-15T08:26:06.815411+00:00 app[web.1]: Can't verify CSRF token authenticity 2015-07-15T08:26:06.823389+00:00 app[web.1]: ActionController::InvalidAuthenticityToken

问题 I'm trying to embed a Youtube channel into a HTML page. For example I take this channel address: http://www.youtube.com/aaaa I used this code: <html> <head> </head> <body> <iframe src="http://www.youtube.com/aaaa"></iframe> </body> </html> The problem is that it doesn't work. I tried with another site, and it works. What can be the problem? 回答1: The problem seems to be induced by this URL:http://www.youtube.com/aaaa. I tried some other URLs and it works. You can try some URLs easily here. Try

问题 My asp.net application has a master page, a content page and a user control. In the main master page there is a link which displays a fancybox as an iframe. The iframe has a form to login to the page. The iframe is a new masterpage which has the content page of the login which has the user control of the login. When the user clicks on the button to login the server side checks if the credentials are ok and if not it displays a message. All this with a custom validator. My problem is that when