This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I am getting the same issue, but with a child IFRAME calling a function in it's parent... in this case, the webpages are from differents hosts in the same domain -- is there any way to get the browser to relax the rules slightly ?
For IE, you can use HTA files (look at msdn). It called HTML application, and don't have any security checks (though it promts user - to launch it or to save it). You can see examples on my website in downloads. It is Web test toolkit and web code expert.
Not sure you the following, but if the ip addresses that you are displaying fixed, than you can look into this option.
This is a security issue I read somewhere about a year ago: If you have domain name, let say mydomain.com, and defined to subdomains, let say sub1.mydomain.com and sub2.mydomain.com, and display them in frames (or use popup window), scripts from those frames will be able to access each other. The browser actually checks the names, not ip's. This could cause the following problem - if I define my subdomains to point to different ip's, from browser point of view, they still on the same domain.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: Cross-Site Script Security issue Kindly help me out!!