我正在尝试修改跨域iframe。特别是我想更改google drive save按钮中显示的文字。
https://developers.google.com/drive/web/savetodrive这就是我要编辑的内容。
$(".gdrivelink iframe").contents().find(".save-to-drive-text").text('Save to Google Drive');
尝试运行文本更改代码时出现此错误。
DOMException {message: "Failed to read the 'contentDocument' property from…92.168.2.27" from accessing a cross-origin frame.", name: "SecurityError", code: 18, stack: "Error: Failed to read the 'contentDocument' proper…ject.InjectedScript.evaluate (<anonymous>:609:21)", INDEX_SIZE_ERR: 1…}code: 18message: "Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a frame with origin "xxxx://192.168.2.27" from accessing a cross-origin frame."name: "SecurityError"stack: "Error: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a frame with origin "192.168.2.27" from accessing a cross-origin frame.
at Error (native)
at n.each.contents (192.168.2.27/zm/js/jquery.js:2:26312)
at Function.n.extend.map (192.168.2.27/zm/js/jquery.js:2:3483)
at n.fn.(anonymous function) [as contents] (192.168.2.27/zm/js/jquery.js:2:26401)
at <anonymous>:2:25
at Object.InjectedScript._evaluateOn (<anonymous>:762:137)
at Object.InjectedScript._evaluateAndWrap (<anonymous>:695:34)
at Object.InjectedScript.evaluate (<anonymous>:609:21)"__proto__: DOMException
我已经搜索过这个但我无法找到解决方案。
答案 0 :(得分:0)
严重的安全问题是不可能的。由于JavaScript被广泛用于网络钓鱼,因此每个页面都在沙箱中运行,只需要尽可能多的权限。由于iframe只是另一个页面内的页面,因此会应用限制。
想象一下,你打开了两个标签,一个是网上银行,另一个是“邪恶”。如果邪恶的网站能够填写银行网站内的表格并通过javascript提交这些表格怎么办?