Does not allow inverse iframe conversion

Question

Does not allow inverse iframe conversion

Hi, I have iframes on my page, one works fine and the other doesn't work, giving an error since it doesn't allow cross cropping. Sample code below:

<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org /TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <script type="text/javascript" src="../script/jquery.js"></script> <title>Cancellation Policy</title> </head> <body> <span>Some text goes here.</span> <br /><br /> <iframe src="http://www.w3schools.com/"></iframe> <iframe src="https://www.google.co.in/?gws_rd=cr&ei=-bmBUo24M6npiAeepICYAg"></iframe> </body> </html>

Any help is very helpful.

+7

jsp iframe

user2823355 Nov 12 '13 at 5:35

source share

2 answers

user2823355 · Answer 1 · 2013-11-12T06:45:58+0000

Hi, I found a solution to the problem. The problem is that domains that are restricted to access other domains, as they can hack information here, is a link that explains about cross-domain policies.

And we can proceed from this problem by receiving html Content and displaying it in our domain, and not directly contact another domain. And here is the link

 <%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEncoding="ISO-8859-1"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org /TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> <script src="http://code.jquery.com/jquery-1.2.3.min.js"></script> <title>Cancellation Policy</title> </head> <body> <span>Some text goes here.</span> <br /><br /> <iframe src="http://www.w3schools.com/"></iframe> <iframe src="https://www.google.co.in/?gws_rd=cr&ei=-bmBUo24M6npiAeepICYAg"></iframe> <script> var url = 'https://www.google.co.in/?gws_rd=cr&ei=-bmBUo24M6npiAeepICYAg'; $.getJSON('http://whateverorigin.org/get?url=' + encodeURIComponent(url) + '&callback=?', function(data){ var html = ""+data.contents; /* Replace relative links to absolute ones */ html = html.replace(new RegExp('(href|src)="/', 'g'), '$1="'+url+'/'); $("#siteLoader").html(html); }); </script> <div id="siteLoader"> <i>Loading&hellip;</i> </div> </body> </html>

Bimal jha · Answer 2 · 2015-01-13T09:06:51+0000

I think you cannot open a secure site in an iframe. those. those sites that start with https: // cannot be opened in an iframe. You can open w3school.com in an iframe, but not https://twitter.com or https://facebook.com or https://google.com etc.

I made a mistake when trying to open google.co.in in an iframe:

 Load denied by X-Frame-Options: https://www.google.co.in/ does not permit cross-origin framing.

Does not allow inverse iframe conversion

More articles: