file:/// to http:// communication via IFrame

Question

Maybe some of you could have ran into the same problem i did. Imagine you have a file on your machine: file:///c:\test.html

And you have an IFrame inside of this file. You need to indicate whether the IFrame contents are loaded or no.

Bacically, what we have here: 1. location, href, or any other property is inaccessible from file:/// to http:///, or backwards. 2. you can't fire event from the browser window in iframe, or in opposite direction, unfortunately.

Does this problem have a solution? P.S.: that's not a hack. it's a real problem. making some interaction from local machine with website integration.

UPD: I kinda figure out why it's forbidden. ANY interaction with local files should be forbidden from the web page. It's kinda cool, i do agree. But isn't a # hashtag something that can't harm anyone? :(

"Cross Site Scripting" is the name of the problem you are having. This is disabled as part of a security feature in the browser. — David, Oct 14 '09 at 20:04
100% bloody control :) @david, this is not Cross Site Scripting, telling you again. it's working with the same exact code from http://localhost/test.html to http://mydomain.com/myPage.html i suppose (not sure thou) it's a browser protection of local files. — 0100110010101, Oct 14 '09 at 20:15
Just to be annoying, I'll say that if you have full control of the local machine, I suspect that pointing the user's browser to a local file may not be the right approach. What is it you're actually trying to accomplish on that page? — Jeremy Stein, Oct 14 '09 at 20:23
i acknowledge this, Jeremy. i know that it's not a right approach. i didn't know it before. reading Firefox and IE specifications did help a lot. anyways, thank you so much for helping out) — 0100110010101, Oct 14 '09 at 20:28

Jeremy Stein · Accepted Answer · 2009-10-14T20:21:30.287

2

You may find some of these techniques useful: http://softwareas.com/cross-domain-communication-with-iframes

Edit: Per comments below, these techniques don't seem to work when accessing file:///c:\<path>\test.html, whereas they do when accessing http://localhost/test.html.

I think that's because the file protocol is even more restricted by the browser than the http protocol. The MSDN page on the file protocol states:

Internet Explorer 6 Service Pack 1 (SP1) no longer allows browsing a local machine from the Internet zone. For instance, if an Internet site contains a link to a local file, Internet Explorer 6 SP1 displays a blank page when a user clicks on the link. Previous versions of Windows Internet Explorer followed the link to the local file.

Whatever technique you were using to get some cross-domain communication was probably blocked by the browser because you were using the file protocol.

edited Oct 14 '09 at 20:21

answered Oct 14 '09 at 20:04

Jeremy Stein

19,171
16
68
83

yup, red it about an hour ago and googled the whole universe, honestly. i wouldn't post the question unless i'd be sure that i'm without any clue... thank you thou! – 0100110010101 Oct 14 '09 at 20:05
Yeah, those techniques weren't very pretty, were they. – Jeremy Stein Oct 14 '09 at 20:08
yup, they sure are... BUT. it all works from http://localhost/test.html but no success from file:///c:\\test.html – 0100110010101 Oct 14 '09 at 20:10
Well, can you toss a mini web server on their machine? – Jeremy Stein Oct 14 '09 at 20:12
not a problem, i can do it in seconds. for now it's the question of principle. i just want to freaking understand why on earth it's impossible :) when i do, i will move on :) just wanna make sure i'm right) – 0100110010101 Oct 14 '09 at 20:13
My guess is that there are some special rules regarding the file: protocol. I'll update my answer. – Jeremy Stein Oct 14 '09 at 20:16
i will do as well whenever i have more info – 0100110010101 Oct 14 '09 at 20:38

file:/// to http:// communication via IFrame

1 Answers1

Linked