Cross domain access permission denied in iframe_问答_开发者

Cross domain access permission denied in iframe

开发者 https://www.devze.com 2023-01-21 08:40 出处：网络

I am trying to embed OWA (Microsoft Exchange Server 2010) in a web page within an iframe but I get a JavaScript error on the OWA page saying Access Denied and then none of the controls within the OWA

I am trying to embed OWA (Microsoft Exchange Server 2010) in a web page within an iframe but I get a JavaScript error on the OWA page saying Access Denied and then none of the controls within the OWA window work.

I have to use OWA in web page, I read in the form that cross domain does not work properly. Error comes as:

Client Information

User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11 GTB7.1 (.NET CLR 3.5.30729)
CPU Class: undefined
Platform: Win32
System Language: undefined
User Language: en-US
CookieEnabled: true

Exception Details

Date: Wed Oct 27 2010 10:17:05 GMT+0530 (India Standard Time)
Message: Permission denied for <http://domain_2> to get property HTMLIFrameElement.ownerDocument from <domain_1>.
Url: http://domain_2/owa/testuser@exch2k10.com/14.0.639.21/scripts/premium/uglobal.js
Line: 1

Call Stack
undefinedError()@:0 window$onerror(&quot;Permission denied for <http://domain_2> to get property HTMLIFrameElement.ownerDocument from <domain_1>.&quot;,&quot;http://domain_2/owa/testuser@exch2k10.com/14.0.639.21/scripts/premium/uglobal.js&quot;,1)@http://domain_2/owa/testuser@exch2k10.com/14.0.639.21/scripts/premium/uglobal.js:1 (domain_1>.&quot;,&quot;http://domain_2/owa/testuser@exch2k10.com/14.0.639.21/scripts/premium/uglobal.js&quot;,1%29@http://domain_2/owa/testuser@exch2k1开发者_开发百科0.com/14.0.639.21/scripts/premium/uglobal.js:1) function Array$get_Length() { return this.length; } function Array$get_Item(index) { return this[index]; } function Array$get_Enumerator() { return new (Owa.Collections.ListEnumerator)(this); } function Array$remove(oItem) { var index = this.indexOf(oItem); if (index > -1) { this.splice(index, 1); } return index > -1; } function Array$removeAt(iIndex) { if (iIndex < this.length) { this.splice(iIndex, 1); return true; } return false; } function Array$add(oItem) { this.push(oItem); } function Array$clone() {

What I saw is that the error comes when uglobal.js which comes with the Exchange in the iframe trying to access property of parent.

Message: Permission denied for <http://domain_2> to get property HTMLIFrameElement.ownerDocument from <domain_1>.

Is there any other way by which I can use OWA in my page?

That's the cross domain policy restricting you. It's designed to prevent cross site scripting (XSS) attacks.

Basically, only pages from the same domain, protocol and port can alter each other's content.

I faced similar issues when trying to make cross domain calls. For IE8 you can use the following approach

var xdr = new XDomainRequest();
xdr.open("get", "http://domain2");
xdr.onload = function(){
    //your code
};
xdr.send();

Additionally in IE only for testing purposes there is an option to add the specific address (domain1 in your case) to the trusted list Tools>Security>Trusted Sites>Sites and allow it to make cross domain requests by going to custom level and selecting Access data sources across domains. Please ensure the second is used only for testing.

If no JSONP solution exists, build a server side proxy.