I have a page with a large iframe that contains a majority of the content. The user interacts with the website by clicking around within the iframe. The functionality I'm trying to build is: When a user navigates away from my site, I do them a favor and bust out of the iframe.
The iframe has an onload event which is fired every time a new page is loaded, cross-domain or not.
<iframe id="testframe" src="http://mysite.com" onload="testframe_loaded()"></iframe>
Each time the event is fired, I'm looking for some way to:
A) Detect when the user navigates to a different domain
B) Bust out of the iframe.
I suspect that B isn't possible, since browsers don't give access to
document.getElementById("testframe").contentDocument.location.href
when the iframe is cross-domain. I'm also not sure whether or not A is possible.
If anybody has ideas as to how to accomplish this, or is positive that it can't be done, I'd appreciate the advice.
Thanks
You can do A, since if you get a security error (which you can catch), that's means they're cross-domain :) Then you can resize the iframe to be the whole page. But I think you're right you can't actually bust out, without explicit cooperation from the other domain.
EDIT: You're right you don't need to poll. Here's the basic code:
<html>
<head>
<title>Cross-domain frame test</title>
<!-- http://stackoverflow.com/questions/2365822/detect-when-iframe-is-cross-domain-then-bust-out-of-it/2365853#2365853 -->
<script type="text/javascript">
function checkForCross()
{
var iframe = document.getElementById("myFrame");
try
{
var loc = iframe.contentDocument.location.href;
} catch(e)
{
iframe.setAttribute("style", "border: 0; margin: 0; padding: 0; height: 100%; width: 100%;");
}
}
</script>
</head>
<body>
<iframe name="myFrame" id="myFrame" src="child.html" style="height: 50%; width: 50%;" onload="checkForCross()"></iframe>
</body>
</html>
set the 'target' attribute on external links to '_top'.
This works for chrome at least (not tester on other browsers)
if(parent.location.host != undefined){
alert("hello world!");
}else{
throw "cannot access parent!";
}
It will still throw the "unsafe javascript attempt" warning, but this doesn't stop code execution. Instead the variable is returned as undefined.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 来,给爷笑一个 的文章《Detect when iframe is cross-domain, then bust out 》','https://www.manongdao.com/article-230088.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}