I think I’ve figured it out. All I really needed to do was add a callback into my <script> tag. Final code: I have an element named next… So, in the $(“#next”).click() function I have the following code. This only gets executed if they click “next”. //remove old dynamically written script tag- var old = … Read more
It seems that the server does not allow a cross domain request. Nothing you can do. You can set up a PHP script that can curl that page and then you can just ajax the PHP script. Like what kuncajs said You can use this short PHP curl script on your server: <?php $ch = … Read more
The same-origin policy (SOP) appplies to ordinary web pages, not browser extensions, even if they are written in JavaScript. What does “different server” mean when the extension code does not origingate from a server? (The extension script might have some kind of orgin, like chrome-extension://longhashidentificationstr, but not an traditional domain/origin.) To communicate with any Web … Read more
CORS doesn’t let you do that, but you can use cross-document messaging to send strings between iframes and their parent windows even on different domains, and use that to communicate. Most browsers support this although Internet Explorer’s way differs from the others‘. Assuming what you want is to have the iframe announce to the parent … Read more
There are few known methods to work around the Same Origin Policy. One popular technique is to use “Script Tag Injection” such as in JSONP. Since the <script> tag is not constrained by the Same Origin Policy, a script on a third-party domain can provide executable code that interacts with a provided callback function. You … Read more
Yes you can set this in Internet Options: Go to the Security tab. For the current zone click the “Custom level…” button. In the next window, scroll about a third of the way down to “Miscellaneous > Access data sources across domains” and set it to “Enable”. If the current zone is Internet, then you … Read more
Google had just recently enabled this feature. It has been under a ‘feature request’ status for quite a long time. Link here You can now explicitly define X-Frame-Options. To allow embedding under another domain, the option should be HtmlService.XFrameOptionsMode.ALLOWALL Google documentation on the subject: https://developers.google.com/apps-script/reference/html/html-output#setXFrameOptionsMode(XFrameOptionsMode) Example: function doGet() { return HtmlService.createTemplateFromFile(‘form.html’) .evaluate() // evaluate MUST … Read more
Update 2021-10-18 As of Chrome 95, on MacOS and Windows, –disable-site-isolation-trials remains a required flag in order to disable web security, so the command-line arguments to Chrome seen below are still valid. (Some of the arguments are not formally supported by Chrome, as it will warn you.) To test whether you’ve successfully launched Chrome with … Read more
I’m sorry to say you that I’ve tried during weeks to solve this issue (I needed it for a project) and my conclusion is that it’s not possible. There are a lot of problems arround local access through javascript with chrome, and some of them can be solved using –allow-file-access-from-files and –disable-web-security, including some HTML5 … Read more
There is a way. When the page in the iframe loads, have it do the following parent.childGetElementById = function (id) {return document.getElementById(id);} parent.childLoaded(); This will make a function in the global scope of the parent page (that contains the iframe). Then in the parent, just have the following function childLoaded() {var dom = childGetElementById(‘someid’);} This … Read more