0

I want to display my website in iframe of other domain(s). When displayed in iframe of that domain, I want to perform some actions like hiding/displaying content. Pages from my website are also iframed in same domain as well. So there is dynamic behavior. How do I find out where is my page iframed? There will be navigations from one page to another in iframe and whenever full page load happens, I want to know the context/parent where my page is iframed.

Using postMessage is not an option because it is async and I don't have control over other domains/apps. I found out iframe name can be accessed from following question - access iframe name from inside iframe

Can I use it to find out the iframe context. (I can ask other domains/apps to set particular name to iframe so that they get correct rendering of the page)

Mahesh
  • 1
  • 1
  • I believe `window.parent.location` gets you the parent-location even inside an iframe. Does that help you? – jayms Aug 03 '19 at 15:42
  • for cross-origin requests window.parent.location will not work – Mahesh Aug 03 '19 at 16:44
  • Maybe ask people to use the [sandbox-attribute](https://www.w3schools.com/tags/att_iframe_sandbox.asp) of iframes? – jayms Aug 03 '19 at 17:05
  • Sorry, I am not expert. We are using sandbox attribute. Any particular value will make parent.location accessible? We have allow-scripts, allow-same-origin and other form and popup related values allowed in sandbox. – Mahesh Aug 03 '19 at 17:19
  • I believe that `window.parent.location` should always be readable according to [this Mozilla resource](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#Cross-origin_script_API_access) Using sandbox attributes will allow you to do more.. What have you tried so far? – jayms Aug 03 '19 at 17:35
  • I get CORS exception when accessing href. Just to clarify can't just use parent.location to compare with iframe window.location because it doesn't tell me in which domain the page is iframed. Edited question to clarify that page could be iframed in many cross-domain pages. – Mahesh Aug 03 '19 at 18:13

0 Answers0