Level 122
its a security feature to prevent clickjacking.
Dont use an iframe in this way,
Sep 7, 2020
3
Level 2
Uncaught DOMException: Blocked a frame with origin <URL> from accessing a cross-origin frame
I am generating a dynamic URL in the controller and sending it to the view but when I try accessing it in the browser, I get this error Uncaught DOMException: Blocked a frame with origin <URL> from accessing a cross-origin frame. The URL is from another origin. Your help appreciated.
my controller method:
public function home(){
$user = auth()->user();
$LANGUAGE_CODE = 'tr';
$userId =$user->id;
$DEVICE_ID = md5($userId);
$INBET_LOBBY_URL ="https://rivala0.vlobby.co";
// https://<lobby_host>?l=<LANGUAGE_CODE>&d=<DEVICE_ID>&s=<SESSION_ID>
$FULL_URL=$INBET_LOBBY_URL."?l=".$LANGUAGE_CODE."&d=".$DEVICE_ID;
return view('inbet.home', compact('FULL_URL'));
}
My blade file:
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<div class="container">
<iframe class="responsive-iframe" src="{{$FULL_URL}}" style="border: 0; position:fixed; top:0; left:0; right:0; bottom:0; " allowfullscreen></iframe>
</div>
</body>
</html>
Level 2
Thanks, how do I use the iFrame?
Level 1
Normally, scripts on different pages are allowed to access each other if and only if the pages they originate from share the same protocol, port number, and host. Above error message shows that you can't access an < iframe > with different origin using JavaScript/jQuery, it would be a huge security flaw if you could do it.
window.postMessage() provides a controlled mechanism to securely circumvent this restriction.
Please or to participate in this conversation.