Posts Tagged ‘same origin policy’

handling an iframe from the inside

March 30, 2011

if you’ve ever worked with iframes you’ve certainly run into the same origin policy.

from here:

The same origin policy basically limits how scripts and frames on different domains can talk to each other.

this is particularly bad if you want to resize an iframe to accomodate its content, as this is not doable with simple CSS (to the best of my knowledge!). it can be done using window.postMessage, though.

see a demo here.

basically, the content of the iframe fires postMessages to its parent window and the window itself, i.e. the iframe container, handles them. cool…

Advertisements