如何在沙盒 iframe 上允许 document.domain?
[英]How can I allow document.domain on a sandboxed iframe?
问题描述
I have a sandboxed iframe defined like so:
我有一个像这样定义的沙盒 iframe:
<iframe sandbox="allow-same-origin allow-scripts allow-popups allow-forms allow-modals" src="...">
</iframe>
When I set document.domain inside the iframe, I get the following error:当我在 iframe 中设置document.domain ,出现以下错误:
Uncaught DOMException: Failed to set the 'domain' property on 'Document': Assignment is forbidden for sandboxed iframes.
How can I allow document.domain to be set within the iframe?如何允许在 iframe 中设置 document.domain?
1 个解决方案
解决方案1
0 已采纳 2020-11-05 16:41:00
(answering my own question thanks to comments) (感谢评论回答我自己的问题)
Since you are willing to set the document.domain to allow access between the to contexts, that defeats the purpose of the sandbox altogether.由于您愿意将 document.domain 设置为允许在 to 上下文之间进行访问,这完全违背了沙箱的目的。 So, there is no point in sandboxing the iframe in the first place.因此,首先对 iframe 进行沙箱化是没有意义的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.