If both the parent site and the iframe URL are available for you to find out that the page is fully loaded (no problem with "sameorigin"), send a message ( postMessage ) from the child to the parent like this;
Parent site (containing iframe)
//Listen for message window.addEventListener("message", function(event) { if (event.data === "loading_success") { //Yay } }); //Check whether message has come through or not iframe_element.onload = function () { //iframe loaded... setTimeout(function() { if (!iframeLoaded) { //iframe loaded but no message from the site - URL not allowed alert("Failure!"); } }, 500); };
Sub site (URL from frame)
parent.postMessage("loading_success", "https://the_origin_site.url/");
You can get the_origin_site.url using a server language such as PHP if you need the multi-origin feature
The accepted answer only works if the domain you are trying to insert in the iframe matches the one you are requesting - this solution works for a cross-domain domain where you have access to scripts in both domains.
Albert MN.
source share