Using Javascript to fill out a form inside an iframe html-element

Posted on 2009-02-24
Last Modified: 2012-05-06
The code snippet shows what I'm trying to do.
I want to use javscript to manipulate the html elements that lie inside an iframe.
However, the code produces an javascript "Access denied" error. Any attempt to access the elemtns within the iframe fail like this. A quick search on the internet reveals, that this is because the parent document and the iframe src are from two completely different domains.

According to this link "", the restriction can be eased, but supposedly its only if one domain is a subdomain of the other. I tried, but it didn't work. I essentially just tried to set the parents document.domain variable equals to the domain of the page inside the iframe.

So, is there any other way I can access the iframe elements from the parent document?
var tmp = window.frames[0].document.getElementByName('Username');

Open in new window

Question by:uhm179

    Author Comment

    Okay, I stumbled across a post on some forum about cross-site scripting:

    "It's not crazy as it's for security reasons. If cross-domain access was allowed, I could easily craft a script which grabs say session data from all users on a site, or even create a keylogger, and then sends all gathered data to my own site. Given that I can inject it on your site or one accessed via it.

    Yes, you'll have to use a serverside script to "bounce" off-site access, as you can have greater control that way."

    So, what I'm doing is prohibited for security reasons. But it seems I can achieve what I want indirectly.
    What doese he mean with "serverside script to "bounce" off-site access" ?
    LVL 75

    Accepted Solution

    It is called a proxy.

    Change the call to the page in the iframe to a call to a server process on your site.
    then get the iframe page and serve it as your own page

    Author Comment

    Thx for the info. While not directly helpful, the word "proxy" enabled me to conduct a better search on the internet, leading me to a site, that covers the iframe cross-scripting problem in great detail with a working solution:

    Author Closing Comment

    your post, while not directful helpful, did point me in the right direction. Proxy was the keyword, and it enabled me to find a complete guide on working around the ifram cross-scripting problem.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
    Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
    The viewer will receive an overview of the basics of CSS showing inline styles. In the head tags set up your style tags: (CODE) Reference the nav tag and set your properties.: (CODE) Set the reference for the UL element and styles for it to ensu…
    The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now