对这个问题的大量答案和问题感到困惑。
现在,我接受安全JS的情况,不允许从iFrame到容器窗口/页面的跨域访问,但在Fragment Identifers或postMessage API的众多文章中引用的理想分辨率真是令人费解。
我想做的是复制vimeo似乎已经取消的东西; 他们新的iframe嵌入代码
<iframe src="http://player.vimeo.com/video/17263117" width="400" height="225" frameborder="0"></iframe>使用http://a.vimeocdn.com/js/player_combined.opt.js?8ba54并且似乎能够从父加载页面填写iframe源中的引用URL。 即www.donkey.com/myvideo.html插入http://player.vimeo.com/video/17263117页面。 通常,对于JS上的安全块,使用简单的parent.location.href是不可能的。 所以,我调查了它并且一直在疯狂追逐鹅,以找到如何做到这一点。
我试图理解他们的JS并使用postMessage API但没有任何东西可以显示。 任何指导都非常受欢迎。
Baffled by the huge quantity of answers and problems on this subject.
Now, I accept the security JS situation disallowing cross-domain access from iFrame to container window/pages but the ideal resolutions cited in numerous articles of Fragment Identifers or postMessage API is truly baffling.
What I want to do is replicate what vimeo seem to have pulled off; their new iframe embed code
<iframe src="http://player.vimeo.com/video/17263117" width="400" height="225" frameborder="0"></iframe>Uses http://a.vimeocdn.com/js/player_combined.opt.js?8ba54 and seems to be able to fill out a referrer url in the iframe's source from the parent loading page. I.e. www.donkey.com/myvideo.html gets inserted in the http://player.vimeo.com/video/17263117 page. Normally, with security blocks on JS this is not possible with simple parent.location.href. So, I looked into it and have been going on a truly wild chase of the goose to find how this can be done.
I've tried to understand their JS and played with postMessage API but haven't got anything to show. Any guidance is very much welcome.
最满意答案
它根本不需要从<iframe>源获取它(安全限制会像你已经注意到的那样阻止它),它作为标题传递给服务器,它在服务器中由JavaScript呈现在页面中使用,查看页面中定义的options变量。
我们来这里举个例子: http : //www.jsfiddle.net/nick_craver/FfuPk/
如果您查看http://player.vimeo.com/video/17263117的请求,
你会看到推荐人获得通过:
Referer: http://fiddle.jshell.net/nick_craver/FfuPk/show/light/在iframe加载的页面中的脚本块中,您将看到:
var options = {config: { //.... "referrer":"http:\/\/fiddle.jshell.net\/nick_craver\/FfuPk\/show\/light\/" //.... };这就是它如何获取引荐来源,最终来自浏览器发送到服务器的标题。
It doesn't need to get it from the <iframe> source at all (security restrictions prevent this as you've already noted), it's passed to the server as a header, and it's rendered in the page by their server for the JavaScript to use, look at the options variable defined in the page.
Let's take an example here: http://www.jsfiddle.net/nick_craver/FfuPk/
If you look at the request to http://player.vimeo.com/video/17263117,
You'll see the referrer get's passed:
Referer: http://fiddle.jshell.net/nick_craver/FfuPk/show/light/In a script block in the page loaded by the iframe you'll see:
var options = {config: { //.... "referrer":"http:\/\/fiddle.jshell.net\/nick_craver\/FfuPk\/show\/light\/" //.... };So that's how it gets the referrer, ultimately from the header sent by your browser to the server.
更多推荐
发布评论