SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement

0
votes

I have on a webpage an iframe element that loads my other website, and I'm trying to access the content of that webpage in an iframe. This works when both websites are on localhost, but on different domains I get this error : SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement Blocked a frame with origin "http://site1.com" from accessing a frame with origin "http://site2.com". Protocols, domains, and ports must match.

I have control over both websites, I can disable headers or add new. Is there a technical way to enable first site reading the contents of the iframe ?

1
javascripthtmliframe
Look up CORS. I can't provide i full answer right now.Scimonster
Ways to circumvent the same-origin policy.Teemu
@Scimonster, I would be really grateful if you could find time to recreate this scenario and try to access contentDocument property of the iframe. Teemu, I'look now into this, I hope I'll find solution, thanks.Zed
Possible dupe of Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement'hippietrail

1 Answers

0
votes

You need to set the Access-Control-Allow-Origin to allow cross-origin resources. This shouldn't be a problem, since you control both domains.

If you're using PHP (for example), you could set the header on site2 like:

header('Access-Control-Allow-Origin: site1.com');

You can use a similar function for other server software.