|Need to Have Parent Scroll to Top When iFrame Opens|
XSS issue iFrame call MUST be Relative
| 10:29 pm on May 1, 2010 (gmt 0)|
This post is in response to this 'not so recent thread' [webmasterworld.com...] because I did not see the fix posted and had to do it myself.
There is an XSS issue with allowing an iFrame to control a parent window, so the iFrame must reference a relative URL.
Using the preceding, the following in the <body> tag of the iFrame should work in most major browsers. (AFAIK)
NOTE: This is currently being tested, so if anyone notices (or knows) of a necessary difference, please post, and I'll post again if there are issues noticed or it's necessary to make any changes, but currently it seems to be working well.
EDITED TO: window.parent.scroll(0,0); to be 'more correct'.
| 11:09 pm on May 1, 2010 (gmt 0)|
You continue to live up to your nom de plume, MadScientist!
Personally don't use iFrames (I'm a Frameset kind of guy...joking a bit, but not by much), but this is intriguing!
| 11:24 pm on May 1, 2010 (gmt 0)|
|You continue to live up to your nom de plume, MadScientist! |
Phew! I honestly actually hesitated when I signed up for it, because I wasn't sure if I could do it or not, glad to know someone thinks I'm pulling it off because it's one of those names you kind of have to be able to live up to IMO. Thanks :)
[edited by: TheMadScientist at 11:29 pm (utc) on May 1, 2010]
| 11:25 pm on May 1, 2010 (gmt 0)|
Thanks much - I added a note to the original thread linking it here.
| 11:28 pm on May 1, 2010 (gmt 0)|
Thanks Tedster! I figured it was something people would want to know there is a solution for without having to completely change tactics.