tags:

views:

243

answers:

2
Q: 

Top level domain detection across nested iframes and different domains via javascript?

I know about iframes from different domains unable to access pretty much anything on the parent level, BUT, all I would need to know is the top-most domain. Here is the scenario:

ABC.com loads an iframe from DEF.com that loads an iframe from XYZ.com. On the level of XYZ.com I need to know that ABC.com is the top most domain.

Any thoughts? Assuming top and intermediaries cooperation or without cooperation, are there any hacks for different browsers or?

I have been able to come up with several different ways to do this kind of thing on Firefox, but I'd be interested to see this exploited for IE in some way.

A: 

I can't remember if the same-origin-policy prevents reading of the location or not (obviously, writing or modifiction is out). But you can test it very easily.

From a page on XYZ.com

alert( top.location.href );
Peter Bailey  2010-01-13 23:04:10
That would get you a permission denied on FF and access denied on IE...
fixanoid  2010-01-13 23:12:32
A: 

Peter is right.. just one little change, since u want the domain not the full url top.location.host - gives the port with the name or top.location.hotname - just domain name

NetRoY  2010-01-14 00:06:53
I'm afraid this doesnt work either. You get permission denied on IE, I will try this with other browsers, but given that this is a "legal" method, I've scanned this over before and it doesnt work in the scenario outlined above.
fixanoid  2010-01-15 15:41:05

related questions

What JavaScript patterns do you use most?
Javascript events
What style do you use for creating an "class" in JavaScript?
Graphing JavaScript Library
What's the difference in closure style
Getting the text from a drop-down box
How to specify javascript to run when ModalPopupExtender is shown
Length of Javascript Associative Array
How Do I Post and then redirect to an external URL from ASP.Net?
How to set up a CSS switcher in ASP.NET
Wrapping lists into columns
Javascript keyboard events primer? (or rather: help me with my custom dropdown)
Http Auth in a Firefox 3 bookmarklet
Best Debugging Tools for JavaScript/xulrunner Development
How can I turn a string of HTML into a DOM object in a Firefox extension?
Call ASP.NET Function From Javascript?
Javascript troubleshooting tools in IE
MAC addresses in JavaScript
Capturing TAB key in text box
CSS Background Color in Javascript
How can I make the browser see CSS and Javascript changes?
Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?
ASP .Net Custom Client-Side Validation
What JavaScript library would you choose for a new project and why?
Detecting font in JavaScript