www.webdeveloper.com
Results 1 to 2 of 2

Thread: Same Origin Policy / IFRAME Question

  1. #1
    Join Date
    Aug 2007
    Posts
    94

    Same Origin Policy / IFRAME Question

    Hi all

    I'm pretty desperate for some help.

    I have built a website that needs to integrate with Centinel Commerce for 3D Secure transactions and PayPal. Cutting a long story short, I have written the integration locally, the user submits their card details and then the 3D Secure form appears within an IFRAME in my webpage. I submit the 3D secure form which has a 'return URL' of a script on my site. This script is loaded and depending on the result of the response, I then run a couple of javascript functions to update tables and do a top.location.href redirection. Simple.

    I have just uploaded this code to our test web server and I am now getting the following error message when the 'return url' is loaded and attempts to run my javascript functions:

    Error: Permission denied to access property 'document'

    Also in a addition, for some strange reason the document root of all files linked within the IFRAME refer to the current users document root (i.e. c:/path/goes/here); Ive never seen this before.

    Can someone shed any light as to what this might be? I have read articles on Same Origin Policy but to be honest, all of my scripts that reference files are all on my same hosting server. really confused and down a river without a paddle at the moment.

    Thanks for reading.

  2. #2
    Join Date
    Mar 2009
    Posts
    490
    I imagine its because the protocol is different. The same origin policy not only applies to the domain, but to the port and protocol as well. If you have a page that came down as "http" but your iframe calls it as "https" it also violates the same origin policy.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles