Cross domain access permission denied in iframe
Solution 1
That's the cross domain policy restricting you. It's designed to prevent cross site scripting (XSS) attacks.
Basically, only pages from the same domain, protocol and port can alter each other's content.
Solution 2
I faced similar issues when trying to make cross domain calls. For IE8 you can use the following approach
var xdr = new XDomainRequest();
xdr.open("get", "http://domain2");
xdr.onload = function(){
//your code
};
xdr.send();
Additionally in IE only for testing purposes there is an option to add the specific address (domain1 in your case) to the trusted list Tools>Security>Trusted Sites>Sites
and allow it to make cross domain requests by going to custom level
and selecting Access data sources across domains
. Please ensure the second is used only for testing.
Solution 3
If no JSONP solution exists, build a server side proxy.
R_Dhorawat
Updated on June 04, 2022Comments
-
R_Dhorawat almost 2 years
I am trying to embed OWA (Microsoft Exchange Server 2010) in a web page within an
iframe
but I get a JavaScript error on the OWA page saying Access Denied and then none of the controls within the OWA window work.I have to use OWA in web page, I read in the form that cross domain does not work properly. Error comes as:
Client Information
User Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.11) Gecko/20101012 Firefox/3.6.11 GTB7.1 (.NET CLR 3.5.30729)
CPU Class:undefined
Platform: Win32
System Language:undefined
User Language:en-US
CookieEnabled: trueException Details
Date: Wed Oct 27 2010 10:17:05 GMT+0530 (India Standard Time)
Message: Permission denied for<http://domain_2>
to get propertyHTMLIFrameElement.ownerDocument
from<domain_1>
.
Url:http://domain_2/owa/[email protected]/14.0.639.21/scripts/premium/uglobal.js
Line: 1Call Stack
undefinedError()@:0 window$onerror("Permission denied for <http://domain_2> to get property HTMLIFrameElement.ownerDocument from <domain_1>.","http://domain_2/owa/[email protected]/14.0.639.21/scripts/premium/uglobal.js",1)@http://domain_2/owa/[email protected]/14.0.639.21/scripts/premium/uglobal.js:1 (domain_1>.","http://domain_2/owa/[email protected]/14.0.639.21/scripts/premium/uglobal.js",1%29@http://domain_2/owa/[email protected]/14.0.639.21/scripts/premium/uglobal.js:1) function Array$get_Length() { return this.length; } function Array$get_Item(index) { return this[index]; } function Array$get_Enumerator() { return new (Owa.Collections.ListEnumerator)(this); } function Array$remove(oItem) { var index = this.indexOf(oItem); if (index > -1) { this.splice(index, 1); } return index > -1; } function Array$removeAt(iIndex) { if (iIndex < this.length) { this.splice(iIndex, 1); return true; } return false; } function Array$add(oItem) { this.push(oItem); } function Array$clone() {
What I saw is that the error comes when
uglobal.js
which comes with the Exchange in theiframe
trying to access property ofparent
.Message: Permission denied for
<http://domain_2>
to get property HTMLIFrameElement.ownerDocument from<domain_1>
.Is there any other way by which I can use OWA in my page?