I was doing research to see if its possible to do access corss domain ifram elements and do thing like clicking a button or filling a form in that iframe.
I came across few thing and would like to get any experienced view if its possible :
1) using window.postmessage 2) using easyXDM 3) Any other method available.
Wikipedia: Same origin policy: is an important security concept for a number of browser-side programming languages, such as JavaScript. The policy permits scripts running on pages originating from the same site – a combination of scheme, hostname, and port number – to access each other's methods and properties with no specific restrictions, but prevents access to most methods and properties across pages on different sites.
Wikipedia: Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from.
To allow cors requests, the shared content server must allow it through a combination of headers :
Client (www.example.com) : ORIGIN: www.example.com
Server (not www.example.com): Access-Control-Allow-Origin: www.example.com
You may for example, load the content of the other page by ajax and insert it into an iframe of your page, that allow you to manipulate it without restrictions.
This restriction is a client-side protection, that mean you may create your own browser that does not implement it.
