Unsafe JavaScript attempt to initiate navigation for frame with URL

Question

This is a bit complicated, please bear with me. Website A has a iframe that contains website B and website B has a iframe that contain website C.

There is a button on

Answer 1

You can find an explanation of this behavior in a comment of the Chromium source code. See here:

https://code.google.com/p/chromium/codesearch#chromium/src/third_party/WebKit/Source/core/frame/Frame.cpp&sq=package:chromium&rcl=1438193817&type=cs&l=202

Basically top-level windows have less restrictions regarding navigation than other windows. See restrictions for non top windows:

A document can navigate its decendant frames, or, more generally, a document can navigate a frame if the document is in the same origin as any of that frame's ancestors (in the frame hierarchy).

Where as for top window:

Specifically, a document can navigate a top-level frame if that frame opened the document or if the document is the same-origin with any of the top-level frame's opener's ancestors (in the frame hierarchy).

Reason for that is:

Top-level frames are easier to navigate than other frames because they display their URLs in the address bar (in most browsers).

So basically, for a non top window, it absolutely needs to be same origin to allow navigation, but for top windows, a frame that was opened by that window can navigate even if it's not same-origin. Which seems to be the problem you're facing, when B is top, the same origin doesn't apply, but when it's not top, then it applies.

According to this, I'm not sure there's a straightforward, or any at all, solution.