Understanding Cross-Domain issue in Iframes

Question

This question might seem silly but I need to understand this for clarity.

According to my understanding, cross-domain problem is when the domain of the webpage which contains the IFRAME is different from the domain of the web-page opened in IFRAME.

Going by that logic, nothing should open in IFRAME ever.

When I embed a web-page "bottom:10700" in the IFRAME of my web-page "top:9700", it gives error.I am not able to see the contents in IFRAME. Error is Access denied in accessing property 'constructor'

I am getting the error while accessing the contructor (_1.contructor)

isc.A.Function=function isc_isA_Function(_1){
  if(_1==null) return false;
  if(isc.Browser.isIE&&typeof _1==this.$a7) return true;
  var _2=_1.constructor;
  if(_2&&_2.$k!=null){
    if(_2.$k!=1)return false;
    if(_2===Function)return true
  }

This script is run when home page of bottom is opened in an iframe contained in top.

Is there any way, I can make this work. I mean can I set both the domains to be same. I don't have access to remote site's script.

Is resizing the frame after redering it once a cross-domain scenario. If not, then certainly remote site is trying to access the IFRAME element..How can I debug this??

Answer 1

Cross-domain issues are about the communication between iframes. You can always embed any iframe but, if domains differ, iframes cannot interact with each other eg execute JS, modify DOM etc.

HTML5 provides a sandbox property that re-enables particular features of the cross-domain iframe interaction. Be careful, it can be dangerous.

Answer 2

It is normal behavior for a page xyz.com to load in an iframe hosted on abc.com. However, you cannot change anything or access its content via code from parent abc.com.

Hope this helped.