Need to Have Parent Scroll to Top When iFrame Opens

Forum Moderators: open

Message Too Old, No Replies

Need to Have Parent Scroll to Top When iFrame Opens

XSS issue iFrame call MUST be Relative

TheMadScientist

10:29 pm on May 1, 2010 (gmt 0)

This post is in response to this 'not so recent thread' [webmasterworld.com...] because I did not see the fix posted and had to do it myself.

There is an XSS issue with allowing an iFrame to control a parent window, so the iFrame must reference a relative URL.

<iframe src="/the-iframe-source/page.html">

Using the preceding, the following in the <body> tag of the iFrame should work in most major browsers. (AFAIK)

<body onLoad="window.parent.scroll(0,0);">

NOTE: This is currently being tested, so if anyone notices (or knows) of a necessary difference, please post, and I'll post again if there are issues noticed or it's necessary to make any changes, but currently it seems to be working well.

EDITED TO: window.parent.scroll(0,0); to be 'more correct'.

tangor

11:09 pm on May 1, 2010 (gmt 0)

You continue to live up to your nom de plume, MadScientist!

Personally don't use iFrames (I'm a Frameset kind of guy...joking a bit, but not by much), but this is intriguing!

TheMadScientist

11:24 pm on May 1, 2010 (gmt 0)

You continue to live up to your nom de plume, MadScientist!

Phew! I honestly actually hesitated when I signed up for it, because I wasn't sure if I could do it or not, glad to know someone thinks I'm pulling it off because it's one of those names you kind of have to be able to live up to IMO. Thanks :)

[edited by: TheMadScientist at 11:29 pm (utc) on May 1, 2010]

tedster

11:25 pm on May 1, 2010 (gmt 0)

Thanks much - I added a note to the original thread linking it here.

TheMadScientist

11:28 pm on May 1, 2010 (gmt 0)

Thanks Tedster! I figured it was something people would want to know there is a solution for without having to completely change tactics.