Access Parent URL from iFrame: Restrictions and Workarounds
Accessing the URL of the parent frame from an iFrame can be a challenge, particularly when the iFrame is located on a different subdomain. This is due to security restrictions imposed by cross-site scripting (XSS) prevention measures.
When accessing the iFrame from the same domain and subdomain as the parent frame, accessing the parent's location should be straightforward using expressions like parent.document.location or parent.window.location. However, as highlighted by the user, this approach fails when the iFrame is on a different subdomain.
To further illustrate this point, consider the example provided where pageA.html is hosted on http://www.mysite.com/ and pageB.html (the iFrame) is hosted on http://qa-www.mysite.com/. Attempting to retrieve the parent's URL from pageB.html will trigger an access denied error. This confirms that subdomains are also subject to cross-site scripting restrictions.
While accessing the parent's URL directly is prohibited under these circumstances, there is a workaround that can be utilized. To obtain the URL of the parent frame, the following JavaScript code can be employed:
var url = (window.location != window.parent.location) ? document.referrer : document.location.href;
Note:
The above is the detailed content of How Can I Get the Parent Page's URL from an iFrame on a Different Subdomain?. For more information, please follow other related articles on the PHP Chinese website!