Reputation: 3131
Possible to intercept XMLHttpRequests coming from inside iframe (same domain)?
I have a page that's loaded using https, and it embeds an iframe on the same domain, also loaded via https.
Inside the iframe, there are some XHR requests to an insecure http URL (the URL is actually to an IP address on the local network) that are being blocked.
Is there any way I can allow the requests to the local IP address? I only have access to edit the code in the parent frame. I can use php or javascript in the parent frame.
Upvotes: 0
Views: 1372
Answers (1)
Reputation: 636
Unless you recompile your browser, CORS explicitly prohibits this and no browser would allow it, unless the local IP machine returns valid CORS headers.
See here for CORS headers info: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Simple_requests
Upvotes: 1
Related Questions
- How can I intercept http requests from an iframe?
- From an iframe, how to send an XMLHttpRequest?
- Is it possible to react to a POST request that was issued from an iframe without CORS?
- Intercepting http requests made from an iframe which contains HTML content from seperate domain
- Making AJAX calls from inside of an iframe with different domain
- Cross-domain javascript on an iframe without access to the target iframe?
- Render secure content inside iframe
- Using http based IFRAME in https URL
- Making JavaScript call across domains
- Iframe and cross domain requests