问题
I've heard that you can bypass a "blocked a frame with origin from accessing a cross-origin frame" with postMessage() and I've been trying to use it, but it's not working properly. What am I doing wrong?
<iframe src="www.example.com" id = "theID"></iframe>
document.getElementById('theID').contentWindow.postMessage({
document.querySelector("input[value='true']").click();
});
回答1:
You can use your server as a proxy. Assuming that you intend to load page XYZ inside the iframe, you can create an XYZ.php page which sends a request to XYZ and displays the response in the page. You will need to resolve the problems which might arise from relative URLs. Also, make sure that whatever you do is goodwilling and legal.
The flow will look like this:
- request for parent.php is sent to the server
- the server responds with parent.php to the browser
- inside the structure of parent.php you have an iframe pointing to child.php, which is your page as well
- child.php on its turn sends a request to the actual source and sends back the respond it receives to the browser
- an onload event for the iframe will trigger the logic for parent.php which you intended to execute
来源:https://stackoverflow.com/questions/54157154/bypassing-a-blocked-frame-with-origin-from-accessing-a-cross-origin-frame-with-p