I want to load a page from a domain inside an iframe in another domain's page, and then access its content with JS. of course, this would be XSS so I'd get the "Permission denied to get property HTMLDocument..." error. The thing is, I want to do this on my own browser, not in a public access site (i.e. I don't need it to protect me from myself), so I'd gladly turn this kind of security off for a while. I'm using firefox 3.5 and would like to know if this can be done, with this or other browsers.
A:
I know this is going to sound smart-alecky, but I really don't mean it that way. It's an honest suggestion if it'll work for you, because I doubt that any browser will let you edit settings to make it this vulnerable.
Use an older browser. If necessary, install an older OS on a virtual machine to get a browser old enough not to have this defense.
David Stratton
2009-09-19 02:05:25
@David: Even if he follows your advice (though as a watcher of this question, I sincerely hope some easier one is found), the implementation is less involved than you suggest - many web sites exist that store compiled versions of older software, including Netscape, Firefox and possibly even older IE. So hopefully no virtual OS needed.
DVK
2009-09-19 04:27:02