Я разрабатываю простой способ взаимодействия между iframes и получаю странную ошибку XSS, даже если оба URL имеют домен сохранения.
Unsafe JavaScript attempt to access frame with URL file:///home/bryre/sharedData/Programs/javascript/pong/htdocs/connectionWindow.html from frame with URL file:///home/bryre/sharedData/Programs/javascript/pong/htdocs/connectionTest.html. Domains, protocols and ports must match.
Нужно ли иметь их на сервере, чтобы он работал? вот код:
ConnectionTest.html
<html>
<head>
<title>connectionTest</title>
<script src='connection.js'></script>
</head>
<body>
<script>
var windowToConnectTo = document.createElement('iframe')
windowToConnectTo.src = 'connectionWindow.html'
document.body.appendChild(windowToConnectTo)
var connection = new Connection({});
connection.connect(windowToConnectTo, 10);
</script>
</body>
ConnectionWindow.html
<html>
<head>
<title>connectionTest</title>
<script src='connection.js'></script>
</head>
<body>
<script>
var connection = new Connection({});
</script>
</body>
connection.js
function Connection(commands){
this.inDiv = document.createElement('div')
this.inDiv.id = 'in'
this.inDiv.style.disply = 'none'
document.body.appendChild(this.inDiv)
this.commands = commands
}
Connection.prototype = {
attemptConnect: function(to){
to.document = (to.contentWindow || to.contentDocument)
if(to.document.document)
to.document = to.document.document
this.to = to.document.getElementById('in') //ERROR HAPPENS HERE
if(this.to == null)
return false
return true
},
connect: function(to, retryRate){
cThis = this
var interval = setInterval(function(){
if(cThis.attemptConnect(to))
clearInterval(interval)
}, retryRate)
}
}