|External Frame Breaking|
A problem I need help with, concerning frame breaking
top.location = parent.frames["frame1"].location;
it throws me a security violation in MSIE and just ignores it in Netscape.
Does anyone know why this is and what I can do to get around it?
Thanks ahead of time for any help :)
Check this discussion [webmasterworld.com] for another way to break out of any frames imposed on your page from an outside domain.
As I understand it, frames is an array, and the arguments are numerical, not alpha. However, even if you use frames, your code will still run into trouble. It's better and simpler to use another approach.
What you need to say is "If this page isn't the top, make it the top." It doesn't matter what document is where in the frames array.
It's not a problem with syntax or anything like that. When I tried this all on the same domain, it worked fine. It's just when I try to get the location attribute on the window object (in this case a frame) on another domain, it throws this security violation.
I understand how that could happen. Access to objects defined on another server raises all kinds of security issues.
Maybe I don't understand what you are trying to do. Is there a problem with the code I linked you to? It doesn't need to address the other domain at all.
|if (parent != self) top.location.replace("yourpage.html"); |
The problem is that I don't have access to the code of the page in the frame I am trying bring to the top. I'm having to do this externally, from another frame.
To access properties in this way, you need to use a signed script with UniversalBrowserRead privileges, and even then it wouldn't be automatic, but would require explicit permission every time it is accessed.
However, I assume you have some relationship to the domain that is framing the original document. If so, there are other ways to accomplish your purpose. The code on the page you want to take to the top can make its properties available to others through a user defined variable, i.e.
Then your code can access the mylocation property without a security violation. I've never tried this myself, but this is the way it's supposed to work in theory.
Thanks for all of your help, Tedster :)