0

I have on a webpage an iframe element that loads my other website, and I'm trying to access the content of that webpage in an iframe. This works when both websites are on localhost, but on different domains I get this error : SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement Blocked a frame with origin "http://site1.com" from accessing a frame with origin "http://site2.com". Protocols, domains, and ports must match.

I have control over both websites, I can disable headers or add new. Is there a technical way to enable first site reading the contents of the iframe ?

Zed
  • 4,821
  • 6
  • 34
  • 71
  • Look up CORS. I can't provide i full answer right now. – Scimonster Oct 30 '14 at 15:58
  • [Ways to circumvent the same-origin policy](http://stackoverflow.com/questions/3076414/ways-to-circumvent-the-same-origin-policy). – Teemu Oct 30 '14 at 16:04
  • @Scimonster, I would be really grateful if you could find time to recreate this scenario and try to access contentDocument property of the iframe. Teemu, I'look now into this, I hope I'll find solution, thanks. – Zed Oct 30 '14 at 16:56
  • Possible dupe of [Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement'](http://stackoverflow.com/questions/26329519) – hippietrail May 06 '15 at 01:55

1 Answers1

0

You need to set the Access-Control-Allow-Origin to allow cross-origin resources. This shouldn't be a problem, since you control both domains.

If you're using PHP (for example), you could set the header on site2 like:

header('Access-Control-Allow-Origin: site1.com');

You can use a similar function for other server software.

Scimonster
  • 30,695
  • 8
  • 67
  • 84