在IE中防止“SCRIPT5：访问被拒绝”错误

Question

Scenario: Page A on A.com that has an IFrame containing Page B on B.com. Page B uses jQuery 1.10.1 and does not need to communicate with Page A.

Regardless of this fact, in IE9 and IE10, jQuery generates a "SCRIPT5: Access is denied." error and seemingly refuses to execute any jQuery at all. I have no need of cross-domain communication, AJAX requests, etc., but I do need jQuery to load and execute without errors in Page B.

Is there a way to prevent this error from appearing (and inhibiting code execution) in IE9 and IE10? (FYI, other browsers similarly generate "access denied" errors, but they do not hinder code execution)

---

UPDATE:

jsFiddle: http://jsfiddle.net/86q5k/4/

The contents of the host page are (from the jsFiddle):

<iframe src="http://endorkins.com/test-iframe.html"></iframe>

The contents of the iFramed page are:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <script type="text/javascript" src="http://code.jquery.com/jquery-1.10.1.min.js"></script>

    <script type="text/javascript">
        $(document).ready(function() {
            console.log('Hello!  Congratulations.  Your browser is neat, and doesn\'t sniff glue! (http://bit.ly/12QTvTT)');
        });
    </script>
</head>
    <body>
    </body>
</html>

Result in Chrome (Notice the message in the console):

Result in IE 9.0.8112 (Notice the omission of the message in the console):

Answer 1

I found a workaround. This appears to be a bug ("feature"?) in jQuery 1.10.1. Using jQuery 1.10.0, the error no longer occurs:

http://jsfiddle.net/86q5k/5/

<iframe src="http://endorkins.com/test-iframe-1.10.0.html"></iframe>

Strange. Very strange. If anyone knows the reason why this is happening in 1.10.1, and how to fix it, I (and jQuery minions around the globe) would certainly be very interested to know! :)

---

UPDATE: Looks like this is a legit jQuery 1.10.1 bug: http://bugs.jquery.com/ticket/13980

---

UPDATE: According to @emanuele-greco, this is fixed in 1.10.2 and up. So, upgrading your version of jQuery will likely fix the problem.

Answer 2

Ok I Found the same problem and fixed it with the weirdest and most horrible solution ever.

I'm trying to use an image to popup the file upload dialog, then do an automatic form submit on the change event. I had resigned my self that in IE the users were going to have to click an image to do the post. I placed the image on the form (like i have in several places on the site. This to generated the access denied error, In shock I clicked it again and Yep got the error. On the third click it worked. So I tried it again with the same results first two clicks error and the third worked. And teh simple Javascript code that is ugly as home made soap but now works is

var files= document.getElementById("newfiles");
files.onchange = addFiles;

function addFiles() {
    try {
        $("#fileupload").submit();
    } catch (e) {
        try {
            $("#fileupload").submit();
        } catch (e) {
            try {
                $("#fileupload").submit();
            } catch (e) {
                alert(e);
            }
        }
    }
};

Answer 3

Make sure also that you are not loading your jQuery asset from a CDN such as Google Hosted Libraries. Because the domain is different, that violates certain security protocols that Microsoft uses to protect against Cross Site Scripting in Internet Explorer.