search
HomeWeb Front-endJS TutorialImplementation method of iframe window height adaption_javascript skills

There is a page index.html in domainA, and a page other.html in domainB is nested through an iframe.
Since the other.html page is displayed in an iframe, and its page content will dynamically increase or decrease, now The scroll bar of the iframe needs to be removed
Due to the restrictions of the JavaScript same-origin policy, cross-domain operations cannot be performed, which makes the problem more difficult
After referring to the online practice, an agent page, or agent.html, was introduced. Belongs to domainA
Then, in other.html in domainB, use iframe to nest agent.html

Okay, now the situation is like this:
index.html uses iframe to nest other.html
other.html uses iframe to nest agent.html
The reason why we need to introduce the third page agent .html is to comply with the rules of the "same origin policy" and complete the transfer of parameters under different domains!

Our ultimate goal is to remove the scroll bar and ensure that all embedded page contents are displayed
1. Get the actual height of the other.html page
2. Set the height to its embedded
on the src attribute of the iframe 3. Intercept the height value in the src attribute of the iframe to which it belongs in agent.html

In the following example, a trick is used to avoid using setInterval() to continuously set the height of the iframe.
The method is to append a timestamp to the src of the iframe to allow the browser to reload the agent every time. .html
and then let the js function invokeMethodInTopWindow() in agent.hml be executed
2 html
index.html

in domainA

Copy code The code is as follows:

#{extends 'main.html' /}
#{set title:'Home' /}


Window adaptive---bypassing the restrictions of the same-origin policy, while using the same-origin policy to remove the scroll bar of the iframe and dynamically adjust it The height of the window so that it can display all the content of the nested page





agent.html

Copy code The code is as follows:




Insert title here


I am an agent page!



other.html in domainB

Copy code The code is as follows:





Insert title here


   
   

   

        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
        在JavaScript中,有一个很重要的安全性限制,被称为“Same-Origin Policy”(同源策略)。
        这一策略对于JavaScript代码能够访问的页面内容做了很重要的限制,即JavaScript只能访问与包含它的文档在同一域下的内容。
        所谓同源是指,域名,协议,端口相同。
   

   

        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
        比如一个黑客程序,他利用IFrame把真正的银行登录页面嵌到他的页面上,当你使用真实的用户名,密码登录时,
        他的页面就可以通过Javascript读取到你的表单中input中的内容,这样用户名,密码就轻松到手了。
   



Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Behind the Scenes: What Language Powers JavaScript?Behind the Scenes: What Language Powers JavaScript?Apr 28, 2025 am 12:01 AM

JavaScript runs in browsers and Node.js environments and relies on the JavaScript engine to parse and execute code. 1) Generate abstract syntax tree (AST) in the parsing stage; 2) convert AST into bytecode or machine code in the compilation stage; 3) execute the compiled code in the execution stage.

The Future of Python and JavaScript: Trends and PredictionsThe Future of Python and JavaScript: Trends and PredictionsApr 27, 2025 am 12:21 AM

The future trends of Python and JavaScript include: 1. Python will consolidate its position in the fields of scientific computing and AI, 2. JavaScript will promote the development of web technology, 3. Cross-platform development will become a hot topic, and 4. Performance optimization will be the focus. Both will continue to expand application scenarios in their respective fields and make more breakthroughs in performance.

Python vs. JavaScript: Development Environments and ToolsPython vs. JavaScript: Development Environments and ToolsApr 26, 2025 am 12:09 AM

Both Python and JavaScript's choices in development environments are important. 1) Python's development environment includes PyCharm, JupyterNotebook and Anaconda, which are suitable for data science and rapid prototyping. 2) The development environment of JavaScript includes Node.js, VSCode and Webpack, which are suitable for front-end and back-end development. Choosing the right tools according to project needs can improve development efficiency and project success rate.

Is JavaScript Written in C? Examining the EvidenceIs JavaScript Written in C? Examining the EvidenceApr 25, 2025 am 12:15 AM

Yes, the engine core of JavaScript is written in C. 1) The C language provides efficient performance and underlying control, which is suitable for the development of JavaScript engine. 2) Taking the V8 engine as an example, its core is written in C, combining the efficiency and object-oriented characteristics of C. 3) The working principle of the JavaScript engine includes parsing, compiling and execution, and the C language plays a key role in these processes.

JavaScript's Role: Making the Web Interactive and DynamicJavaScript's Role: Making the Web Interactive and DynamicApr 24, 2025 am 12:12 AM

JavaScript is at the heart of modern websites because it enhances the interactivity and dynamicity of web pages. 1) It allows to change content without refreshing the page, 2) manipulate web pages through DOMAPI, 3) support complex interactive effects such as animation and drag-and-drop, 4) optimize performance and best practices to improve user experience.

C   and JavaScript: The Connection ExplainedC and JavaScript: The Connection ExplainedApr 23, 2025 am 12:07 AM

C and JavaScript achieve interoperability through WebAssembly. 1) C code is compiled into WebAssembly module and introduced into JavaScript environment to enhance computing power. 2) In game development, C handles physics engines and graphics rendering, and JavaScript is responsible for game logic and user interface.

From Websites to Apps: The Diverse Applications of JavaScriptFrom Websites to Apps: The Diverse Applications of JavaScriptApr 22, 2025 am 12:02 AM

JavaScript is widely used in websites, mobile applications, desktop applications and server-side programming. 1) In website development, JavaScript operates DOM together with HTML and CSS to achieve dynamic effects and supports frameworks such as jQuery and React. 2) Through ReactNative and Ionic, JavaScript is used to develop cross-platform mobile applications. 3) The Electron framework enables JavaScript to build desktop applications. 4) Node.js allows JavaScript to run on the server side and supports high concurrent requests.

Python vs. JavaScript: Use Cases and Applications ComparedPython vs. JavaScript: Use Cases and Applications ComparedApr 21, 2025 am 12:01 AM

Python is more suitable for data science and automation, while JavaScript is more suitable for front-end and full-stack development. 1. Python performs well in data science and machine learning, using libraries such as NumPy and Pandas for data processing and modeling. 2. Python is concise and efficient in automation and scripting. 3. JavaScript is indispensable in front-end development and is used to build dynamic web pages and single-page applications. 4. JavaScript plays a role in back-end development through Node.js and supports full-stack development.

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

SecLists

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.