Reputation: 91
Drag and drop cross domains, iframes, browsers windows
Thanks stackoverflow i solved a lot of my javascript problems, but now i stopped at the point without hope. It is hard to describe, there is clear video shows my problem with drag drop cross-domains iframe.
http://www.youtube.com/watch?v=v65mO27h75E
- First part in Iceweasel (and FF, Opera) = iframe d&d work OK.
- Second part in Chromium (and Chrome) = iframe d&d NOT work.
and there are links to example iframes set and iframes sources:
- parent page: http:// msdrop.com/msdrop-jquery-test-iframe-frameset.htm
- iframe A: http:// msdrop.com
- iframe B: http:// nextgd.com/msdrop-jquery-test-iframe.htm
Is it Chrome bug, or security that comes under "Same origin policy"? This is strange because d&d works excellent between two windows, and want not work at all from parent window to iframe.
Thanks for suggestions. Piotr
EDIT: It's possible Chrome/Chromium security mitigation is overly broad. Issue 251718: https://code.google.com/p/chromium/issues/detail?id=251718
Upvotes: 6
Views: 4576
Answers (3)
Reputation: 91
Now, at: http://msdrop.com/msdrop-jquery-test-iframe-frameset.htm there are 4 iframes
- IFRAME A: the same domain as parent
- IFRAME B: other domain
- IFRAME C: the same domain + sandbox="allow-scripts"
- IFRAME D: other domain + sandbox="allow-scripts"
In FF, all frames works that i expects.
In Chrome, and Chromium only on iframe A works all dragover, dragenter, dragleave, and drop events.
Upvotes: 2
Reputation: 11
Adding sandbox="allow-scripts" to the iframe element solves this issue for me.
eg:
<iframe sandbox="allow-scripts" src=".." />
Upvotes: 1
Reputation: 91
i think i found answer, drag and drop events works on iframe when open Chromium or Chrome without restrictions.
chromium-browser --disable-web-security
google-chrome --disable-web-security
But if it is about Google Chrome "web security", why JavaScript Console do not show any info or warrning, and why drag and drop works excellent between two windows, drag and drop works even from firefox to chrome.
edit: Google Chrome: "You are using an unsupported command-line flag: --disable-web-security. Stability and security will suffer." so flag works but is unsupported?
I do not understand.
Upvotes: 1
Related Questions
- Drag and Drop images from another website to mine
- Implement drag and drop with different browser windows
- JavaScript/jQuery drag and drop element between two iframes
- Creating draggable and droppable iframes?
- Making a cross domain iframe interact with drag event
- Detect hover on iframe from different domain
- Drag and Drop in iframe
- How to maintain outside dragging events from a cross-domain `iframe`?
- How to apply drag and drop in iframe from outside HTML?
- draggable iframe