问题
I have a unsecure page which opens up a secure (https) page. The secure page needs to update the parent page via a javascript submit() while still remaining the current window. However when I try to do this via javascript I get an "Access Denied" javascript error because the parent page is unsecure.
Any idea of how I can access the parent page, when it isn't secure?
Here is the javascript code that I'm using to perform the submit...
self.opener.parent.frames.item('BODY').document.forms[0].submit();
回答1:
Same-Origin-Policy in browsers means that you cannot do this directly. The "Origin" is composed of Scheme/Protocol and Hostname. In your case, the scheme mismatches, so the cross-document request is blocked.
You can use explicity x-frame communication techniques (Fragment Identifier Messaging or HTML5 PostMessage) to send a message to the outer page to execute an event-handler.
来源:https://stackoverflow.com/questions/1125238/updating-a-http-parent-page-from-a-https-page-via-javascript