Unsafe JavaScript attempt to access frame with URL: Domains, protocols and ports must match.

问题

I'm trying to set the height of the app by calling:

FB.init({ appId: fbAppId,
            status: true,
            cookie: true,
            xfbml: true,
            oauth: true,
            channelURL: webUrl + '/channel.html'
        });
FB.Canvas.setAutoResize();

And it doesn't work if it's on HTTP but works on HTTPS.

Sample URL: http://www.facebook.com/ListerineAU/app_300955373319633 - doesn't work https://www.facebook.com/ListerineAU/app_300955373319633 - works

Error message:

Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/ListerineAU/app_300955373319633 from frame with URL https://s-static.ak.facebook.com/connect/xd_arbiter.php?version=5#channel=f35120b198&origin=http%3A%2F%2Fjwteeth.aptira.com&channel_path=%2F%3Ffb_xd_fragment%23xd_sig%3Df2eb2cde4%26&transport=postmessage. Domains, protocols and ports must match.

It seems to be error on FB ends, has anyone else experiencing this?

回答1:

Found this listed on facebook bugs

Latest response from Facebook

Øyvind Sean Kinsey This is an expected exception that is used to test for a condition - this has no side effects. 26/04/2012 22:29 · Status changed to By Design

https://developers.facebook.com/bugs/122268321247958

回答2:

Apparently our company firewall is blocking the path to

http://static.ak.facebook.com/connect/xd_arbiter.php?version=6#channel=f4f408309365a4&origin=http%3A%2F%2F[domain]&channel_path=%2F%3Ffb_xd_fragment%23xd_sig%3Df1af91536f1c7%26&transport=postmessage 

Saying that it contains some insecurity on the script.

来源：https://stackoverflow.com/questions/10577590/unsafe-javascript-attempt-to-access-frame-with-url-domains-protocols-and-ports