i trying embed iframe https site. site being embedded can use http protocol.
i'm getting console error frame blocked because "the frame requesting access has protocol of "https", frame being accessed has protocol of "http". protocols must match".
once have frame working want run code on embedded site. think using postmessage framework should me, don't want code receives messages on embedded page included, want use javascript on parent site inject js file. trying use contentdocument getting error null.
there no requirement support old browsers, new html5 stuff fine long ie10/chrome/safari/firefox latest run it. have full access both servers editing php/apache headers fine.
to answer own question, after several more hours struggle, turns out isn't going possible inject js file when parent https , child http.
however, once gave on dream, quite easy!
before loading iframe, make cors ajax request website site want display in iframe (website b), php file checks http_origin value make sure correct server accessing. if is, sets session variable on website b. then, when load website b website in iframe, uses session value know it's ok include javascript file going inject onto website b.
after that, postmessage stuff worked fine on different protocols no work!
Comments
Post a Comment