Geek Answers Handbook

Error trying to access iframe in JavaScript

I am trying to call the SC.Widget function from this small API: http://developers.soundcloud.com/docs/api/html5-widget , but I get this error message in Chrome Inspector and I am stuck there.

Unsafe JavaScript attempt to access a frame with the URL file://localhost/Users/maxwell/Desktop/test/test.html from the cURL framework

http://w.soundcloud.com/player/?url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F67825032&auto_play=false&show_artwork=true&color=ff7700 .

The access request to the frame has the protocol "http", and the frame Access has the protocol "file". Protocols must comply.

 <body> <iframe id="soundcloud" width="100%" height="166" scrolling="no" frameborder="no" src="http://w.soundcloud.com/player/?url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F67825032&amp;auto_play=false&amp;show_artwork=true&amp;color=ff7700"></iframe> <script> Soundcloud(); </script> </body> function Soundcloud() { var widget1 = SC.Widget(iframeElement.soundcloud); alert("widget1"); }

I know that this is done for security reasons, but how to change the SoundCloud widget if I can’t access the frame?

Thanks for the help!

+5
javascript soundcloud
source share
2 answers

When accessing an iframe using JavaScript or executing any JSON AJAX requests, you can only access or respond if they are in the same domain. Otherwise, the server must explicitly install:

Access-Control-Allow-Origin: *

in the headlines. You can also provide a list of allowed domains, separated by commas, instead of *.

So, you should test this in a development environment where the web page and data source are in the same domain, for example localhost, otherwise you can’t do anything unless you run chrome with --disable -web-security

+8
source share

You can add this to your iframe.

 sandbox="allow-same-origin allow-scripts"

not supported in opera - new item from w3schools. He will take care of the error, but it will break the player.

+2
source share

More articles:


All Articles