Reputation: 52952
How do I disable the access denied message when trying to do cross scripting into an iframe?
I have an iframe that points to a website ie.
<iframe src='http://www.fish.com/' id='fish'>
I have a html on my local pc that tries to click a button in the iframe:
alert ( $('#fish').contents().find('#myButton').length );
I have enabled cross site scripting in my browser and lowered security to the max. I still get access denied errors. I have tried in IE6, IE8, and Firefox. How can I remove this restriction? I am trying to test something, and understand the risks etc.
Here is an example:
Using the exact code above.
Upvotes: 2
Views: 1720
Answers (1)
Reputation: 236092
Firefox needs the option signed.applets.codebase_principal_support set to true (about:config).
Chrome needs to get started with --disable-web-security
IE needs the option allow cross-domain access (...) under Extras -> Security
Those options will disable the security check for cross-domain access on XHR objects and iframes.
Upvotes: 2
Related Questions
- javascript - bypassing iframe cross domain security
- How to disable direct access to Iframe
- cross site scripting with Iframe
- Can't access content of iFrame because of Cross domain restriction
- Cross-domain JavaScript iFrame-parent access blocked
- Suppressing "permission denied" errors in Javascript
- Cross Site Scripting Iframe Permission Denied issue
- Setting iframe `src` in Javasscript throws 'Permission Denied' error in Internet Explorer
- Accessing iframe elements across different domains
- Cross site scripting?