First of all, I checked this post already: Facebook: Unsafe JavaScript issue (document.domain values should be same)

But that is about a page on Facebook. The error I'm getting in my Chrome console on a page on my own website is:

Blocked a frame with origin "<mydomain>" from accessing a frame with origin "https://www.facebook.com". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match. fckeditorcode_gecko.js:36

To be sure, I logged out from Facebook, but still the error occurs.

line 36 in fckeditorcode_gecko.js:36 starts with:

var FCKTools={};FCKTools.CreateBogusBR=function(A){var B=A.createElement('br');B.setAttribute('type','_moz');return B;};

How to fix this?

This seems to be a conflict between FCKEditor library and a library of facebook you included in the page. Probably the Like Button, I had the same with +1 button of Google Plus with api.google.com.

Quick Fix: Remove one the 2 library

Your FCK Editor library seems old also, you can update it here: http://ckeditor.com/

Another quick hack to fix it. But I'm not sure of the side effect: open "fckeditorcode_gecko.js": CTRL+F to search the string:

"if (A.document) A.document.parentWindow=A"

and replace it with

"return"

Best,

You can't, due to the Same Origin Policy.

It appears you are trying to add a <br> tag to the document in the frame. The domain, protocol and port must match for you to achieve this, or CORS must be implemented by the requested resource in the frame.

I had the same problem with ckeditor (image uploader).

Here is what I have in htaccess:

RewriteCond %{HTTP_HOST} ^www\.yousite\.co\.il
RewriteRule ^(.*)$ http://yousite.co.il/$1 [R=301,L]

Anyone trying to hit www will get redirected to the site without www.

However, my admin page does not use the same htaccess rules and when I try to send ajax request with file from www.mysite/admin to mysite/admin and this create this problem.

Adding www to the url admin page string made it all work.