tags:

views:

939

answers:

4
+1  Q: 

Altering IFrame attributes from within the IFrame source. Is it possible?

On my computer, I'm using a custom adblock based on HOSTS redirection (so I can have adblock in Chrome). I'm running IIS on my machine, so I have a custom blank 404 error that displays when an iframe-based ad is displayed on a page.

I've modified my 404 error to inherit its background color from its parent so that the ad doesn't look obnoxious on sites with a non-white background. My next challenge is to use my 404 page to completely collapse the iframe so that it doesn't display on the page at all.

Is it possible to alter the containing <iframe /> tag from within the iframe? I just want to change the height & width attributes if this is possible. If so, how would I go about doing this?

+1  A: 

Shouldn't be possible, as sites within iframes can be external site. Allowing them to manipulate the environment they're displayed in would be a browser security risk.

You'd be better off using an adblocking proxy.

ceejayoz  2009-01-19 01:54:42
Unless I'm missing something, an adblocking proxy would be basically the same as what I'm using now. I'm just trying to figure out a way to collapse the IFRAME area, but it does make sense that it's not possible.
Dan Herbert  2009-01-19 02:11:01
The adblocking proxies I've seen remove the ad code from the webpage instead of blocking the IP/URL. The iframe never exists, as it gets stripped out.
ceejayoz  2009-01-19 14:53:54
A: 

If I understand you correctly, you're saying you want your 404 page to trigger a collapse of the iframe when it loads inside it. The easiest way to do this is to create a function in the parent page, and then call it from the 404 when it loads.

For example, if your iframe has the id "advertFrame" you could add the following javascript function to the parent page:

function hideAdvertFrame() {
  var advertFrame = document.getElementById("advertFrame");
  advertFrame.style.height = 0;
  advertFrame.style.width = 0;
}

Then in the 404 page, you can call the function immediately when it loads:

<body onload="window.parent.hideAdvertFrame();">

That said, I think you still might want to consider other options besides cross frame scripting that are less prone to security holes. Maybe your parent page can use AJAX to check if the adblock will have a valid URL before it loads, and then dynamically add it to the page once certain.

David Crow  2009-01-19 02:19:22
That would be a good idea; unfortunately, I have no control over the parent pages. I only have control over the IFrame 404 source. After doing some research, I found that (if the security mechanisms weren't there) there is actually a JavaScript property I could access to change the IFrame easily.
Dan Herbert  2009-01-19 02:28:43
A: 

The page that fills the iframe cannot alter anything about the page that contains the iframe. If it could, then it would be a huge security risk. To be sure, I tried just what you're asking using the two domains that I'm given at school. Simply put, it didn't work; I got a permission denied error in Firebug.

geowa4  2009-01-19 06:41:27
A: 

But what if we use same domain ? I mean the iframe is on the same domain as the parent ?

Keepwalking  2010-05-05 14:29:56
Then you can modify the iframe with JavaScript. You can only access the parent page if you're on the same domain. If you're on a sub-domain, the browser considers the domain different and will block access.
Dan Herbert  2010-05-05 14:46:33

related questions

Web framework programming mindset
ASP.NET - asp:xxx Controls versus standard HTML
From Desktop to Web browser considerations
Which PHP Framework will get me to a usable UI the fastest?
Best practice for integrating TDD with web application development?
How to Manage Web Development?
When is a file just a file?
Recommendations for browser add-on tools to help with development
REALLY Simple Website--How Basic Can You Go?
Convince Firefox to send an If-Modified-Since header over HTTPS
What do the getUTC* methods on the date object do?
Planning and Building a mobile enabled site for your main site.
Firebug for IE
Javascript and PHP - Login Script with hidden buttons
Firebug won't display console feeds for some of my sites
Displaying ad content from Respose.WriteFile()/ Response.ContentType
How can I detect if a browser is blocking an popup?
How to Test Web Code?
What PHP framework would you choose for a new application and why?
How do you disable browser Autocomplete on web form field / input tag?
What is Progressive Enhancement?
In HTML, how to word-break on a dash?
The Definitive Guide To Website Authentication
How do you test layout design across multiple browsers/OSs?
How much of the Web build process do you/should you automate?