tags:

views:

43

answers:

2
Q: 

Preventing javascript running in a HREF

Hi,

I have a problem with the following HTML:

<a href="javascript:document.formName.submit();" target="iframe">

Where formName is the name of a form inside the iframe. I would like the browser to navigate to the page "javascript:..." in the iframe, so it executes the javascript on the current page in the iframe. My problem is that the browser will attempt to execute the function and use the returned result as the url. Of course there is no form to submit on the current page, so I just get an error.

A: 

In this case, you can do it by reaching inside the iframe:

<a href="javascript:window.frames[N].contentDocument.FORMNAME.submit()">

(that may not be exactly the right incantation). In general, you should do this with an onclick handler for the hyperlink, that invokes a function defined by the iframe's document.

EDIT: There is NO WAY to make this work cross-domain. It's a violation of the browser's security policies.

Zack  2010-10-20 19:43:42
I have tried this method, and it does work in most browsers as long as the iframe is on the same domain, however most browsers restrict access to the iframe's content if it is on a separate domain.
Jon  2010-10-20 19:51:39
If the iframe is on a separate domain, there is nothing the OP can do that will work. Therefore I assumed same-domain.
Zack  2010-10-20 22:14:13
+2  A: 

Cross domain iframes are no fly zones, you won't be able to do anything with or to the DOM inside of a frame on a different domain. Even if the user clicked the submit button inside the frame, your page would not be able to get the new url back out of the frame.

Blaise  2010-10-20 20:51:54

related questions

embedding one kind of syntax inside another: is it kludge or clever?
snap.com snapshots disobeys Same Orgin Policy?
Security and Cross Domain with ASP.NET MVC JsonResult and jQuery
Accessing ASP.NET 2.0 web services from Silverlight 2.0
Asynchronous cross-domain POST request via JavaScript?
How to make cross-domain communication between JavaScript and Flash?
Silverlight Crossdomain
Silverlight: How to ignore (the absence of) crossdomain.xml with System.Net.WebClient?
Cross Domain security error in Silverlight?
How to carry out Cross Domain request in a Webbrowser Control?
How to set current document.domain in WebBrowser Control to avoid "Access is denied"?
Setting cross-domain cookies in Safari
Can I use an <img> tag to send cookies across domains?
Implementations of Subspace JavaScript cross-domain communication?
Cross Domain Javascript Bookmarklet
How to add a user in a different Active Directory Domain in C#?
Embedding text/html in an Object (instead of an iframe)
problem with cross-domain ajax calls...
Cross Domain JSON Enabled WCF
Is it possible to hide/close and iframe from within itself or on the server side?
Cross browser scripting proxy
Secure iframe on unsecure page in a different domain
cross-domain hosted Silverlight app not loading in a https webpage
Cross Domain User Tracking
Running Google Analytics in iframe?