18

I have a rather interesting problem. I have a parent page that will create a modal jquery dialog with an iframe contained within the dialog. The iframe will be populated with content from a 3rd party domain. My issue is that I need to create some dialog level javascript that can detect if the content of the iframe loaded successfully and if it hasn't within a 5 second time frame, then to close the dialog and return the user to the parent page.

I have researched numerous solutions and only two are of any true value.

  1. Get the remote site to include a javascript line of document.domain = 'our-domain.com'.
  2. Use a URL Fragment hack, but again I would need the request that the remote site able to modify the URL by appending '#some_value' to the end of the URL and my dialog window would have to poll the URL until it either sees it or times out.

Are these honestly the only options I have to work with? Is there not a simpler way to just detect this?

I have been researching if there's a way to poll for http response errors, but this still remains confined to the same restrictions.

Any help would be immensely appreciated.

Thanks

Improve this question
1
  • One workaround would be to use setTimeout.
    – Shayan
    Commented Dec 8, 2019 at 16:04

6 Answers 6

Reset to default
10

The easiest way (if you can get code added to the external sites) is to have them add an invisible iframe pointing to a special html file on your domain. This could then use parent.parent.foo() to notify the original window about the load event.

Listening for the "load" event will only tell you if the window loaded, not what was loaded or if the document is ready for interaction.

Improve this answer
4
  • This sounds like a definite option. I will be suggesting this to the developers on their end to see if they will consider this option. Thank you!
    – rik_davis
    Commented Jul 7, 2010 at 11:36
  • 2
    +1 for suggesting what I believe is the only solution for my specific problem! Thanks.
    – Town
    Commented Oct 15, 2010 at 8:27
  • This works brilliantly, albeit somewhat surprisingly until you think about it.
    – Kaganar
    Commented Apr 28, 2015 at 21:13
  • 2
    I don't believe this works anymore in newer chrome versions (I tested using 62.0.3202.45). The console shows an error: "Uncaught DOMException: Blocked a frame with origin ... form accessing a cross-origin frame."
    – HypeXR
    Commented Oct 12, 2017 at 23:23
5

Nicholas Zakas has an article about detecting if an iframe loaded: http://www.nczonline.net/blog/2009/09/15/iframes-onload-and-documentdomain/. Basically you have this code snippet:

var iframe = document.createElement("iframe");
iframe.src = "simpleinner.htm";

if (iframe.attachEvent){
    iframe.attachEvent("onload", function(){
        alert("Local iframe is now loaded.");
    });
} else {
    iframe.onload = function(){
        alert("Local iframe is now loaded.");
    };
}

document.body.appendChild(iframe);

I haven't tested it, but I'm pretty sure jQuery should be able to handle it by doing something like $("#iframe").load(function () { alert("Local iframe is now loaded."); });

Improve this answer
2
  • Thank you for the code snippet. I'll try it and see how this works.
    – rik_davis
    Commented May 2, 2010 at 19:29
  • 1
    Could you please update your question to use addEventListener instead of attatchEvent? Because the latter is obsolete. The event for addEventListener is called load instead of onload.
    – Shayan
    Commented Dec 9, 2019 at 15:07
4

You could try using postMessage for communication between frames.
This will require the remote site to include some specific JavaScript to post a message to the parent document when it has finished loading.

Improve this answer
2
  • I could, yes, but that only works in IE8. Sorry, I should have mentioned that this functionality must work for IE 6,7 and 8 as per our client's specifications.
    – rik_davis
    Commented May 2, 2010 at 17:37
  • [Shameless advertisement] I made a micro-framework to facilitate this while helping you not to open a security bug in your website: github.com/Okrajs/Okrajs
    – Omar Al-Ithawi
    Commented Jul 24, 2015 at 23:23
2

It's possible to do this with an onload handler on the iframe itself. Unfortunately (surprise!) IE makes it difficult. The only way I could get this to work was to compose HTML for the iframe, then append it to the document with innerHTML. Then I have to poll to see when the iframe appears in the DOM, which varies depending on if the page is loading. Here's a link to the source: http://svn.openlaszlo.org/openlaszlo/trunk/lps/includes/source/iframemanager.js

See create(), __finishCreate() and gotload(). Feel free to take a copy of this and use it yourself!

Regards, Max Carlson OpenLaszlo.org

Improve this answer
1
  • 1
    Thank you for the possible solution, Max. My co-worker & I have decided to try using the postMessage method. Although this does not work for IE 6 & 7, we did find that it would suffice our immediate needs if we can get the client to agree to the use of the postMessage. I will gladly examine your suggestion though as one can never have enough tricks up one's proverbial sleeve. :)
    – rik_davis
    Commented Jul 31, 2010 at 3:43
2

This is how I detected the loading of a Cross-Domain Iframe,

  1. Set a unique id for the iframe ( U may use any sort of identifier, it doesn't matter )

<iframe id="crossDomainIframe" src=""> </iframe>

  1. Set window event listener:
document.getElementById("crossDomainIframe").addEventListener('load',

 function actionToPerform(){
   //Do your onLoad actions here
 }

)
Improve this answer
1
  • 1
    this is simple and it works, should be voted higher
    – J Asgarov
    Commented Apr 1 at 20:08
0

In any case you will need some sort of cooperation from the other domain's server, as you are trying to abuse the Same Origin Policy (SOP)

The first solution document.domain=... won't work if domains are different. It works only for subdomains and ports, as described in the link above.

The only option that allows cross domain communication without polling is JSONP or script injection with a JS function callback. This method is available in all Google APIs and works well.

We've explained on our blog a way to sandbox those calls in an iframe to secure them. While postMessage is better now, the window.name hack has the advantage of working on old browsers.

Ironically, SOP does not prevent you to POST anything to another domain. But you won't be able to read the response.

Improve this answer
1
  • 2
    Well, I am not trying to 'abuse' the SOP policy, but the need for this is at a critical stage in user's activity. Yes, I do need this to work on the above mentioned browsers. Oddly, no other browser is presently in their spec. Yet! I'll go have a look at those link and thank you for the additional info.
    – rik_davis
    Commented May 2, 2010 at 19:33

Not the answer you're looking for? Browse other questions tagged or ask your own question.