CODEWITHSUNDEEP
dynamics-crm-2011
user1672517
user1672517

Reputation:

Communicating between IFRAME and an entity

I couldn't make a request to a remote server using JavaScript in the onload function due to access is denied insanity. So, just to make CRM obey, I set up an IFRAME and connect that to a HTML page running my JavaScript. Now, provided that I get some values inside the script (run in an IFRAME) how can I communicate them to a method in the holding parent?

Not quite sure how to explain it more detailed so please feel free to ask.

Upvotes: 1

Views: 2986

Answers (3)

Jason Koopmans
Jason Koopmans

Reputation: 631

postMessage sounds like it might fit.

window.postMessage, when called, causes a MessageEvent to be dispatched at the target window when any pending script that must be executed completes (e.g. remaining event handlers if window.postMessage is called from an event handler, previously-set pending timeouts, etc.). The MessageEvent has the type message, a data property which is set to the string value of the first argument provided to window.postMessage, an origin property corresponding to the origin of the main document in the window calling window.postMessage at the time window.postMessage was called, and a source property which is the window from which window.postMessage is called.

To use window.postMessage, an event listener must be attached:

// Internet Explorer
window.attachEvent('onmessage',receiveMessage);

// Opera/Mozilla/Webkit
window.addEventListener("message", receiveMessage, false);

And a receiveMessage function must be declared:

function receiveMessage(event) {
    // do something with event.data;
}

The off-site iframe must also send events properly via postMessage:

<script>window.parent.postMessage('foo','*')</script>

Any window may access this method on any other window, at any time, regardless of the location of the document in the window, to send it a message. Consequently, any event listener used to receive messages must first check the identity of the sender of the message, using the origin and possibly source properties. This cannot be understated: Failure to check the origin and possibly source properties enables cross-site scripting attacks.

Source: https://developer.mozilla.org/en/DOM/window.postMessage

Upvotes: 2

Konrad Viltersten
Konrad Viltersten

Reputation: 39118

Recently I had the joy of connecting to a web service and retrieve some data. When that’s been achieved, I found myself sitting on the said data not exactly knowing where to put it.

To make the long story short, I used the following source code.

parent.window.Xrm.Page.data.entity.attributes
  .get("new_Konrad").setValue("Viltersten");

Notable is the fact that in order to communicate with the parent form, the HTML file (where my JavaScript resided), needed to be placed as a web resource within the CRM structure. By other words, just by pointing to an external “http://some.where/some.thing” we can consume a service but won’t be able to convey the obtained information up the CRM server, at least not when developing a solution for the on-line version.

Upvotes: 1

Darren Lewis
Darren Lewis

Reputation: 8488

The access is denied is the Same Origin Policy. You're going to run into the same problem from the IFRAME unless you're serving the page or just the script src from the same server you're subsequently trying to make the AJAX request to.

Assuming you are doing the latter then you just need to make sure you have unchecked the "Restrict cross-frame scripting" option on the IFRAME you added to the CRM form. From the IFRAME you will now have access to your function that you've defined at global scope on the parent CRM form via window.parent.yourfunctionNameHere(xyz).

Upvotes: 2

Related Questions