on the standard account layout i have a custom button that opens a new popup window with a visualforce page. My problem is that the layout page have an url like xxx.salesforce.com/xxxxxx and the popup page opens in url like x.xxx.visual.force.com/apex/myPageName
So i can not access parent window, for example reload it with window.opener.location.href I become an error: Permission denied to access property 'href'.
Do you have an idea how i can open popup in same url?
Many thanks.
Visualforce pages always open under the visual.force domain this is to stop Cross-Site Scripting attacks being embedded in visualforce pages accessing your data.
The simplest way to achieve what you're after is to server your account layout from the visual.force domain by creating a visualforce page something like the below
<apex:page standartcontroller="Account">
<apex:detail />
</apex:page>
My solution was: i used a redirection to the visualforce page (not a popup window).
Related
I have stucked somewhere please have a look and get back to me if you have some idea on that:
I want to open a page in fancybox and url of page which is opened in fancybox should display in address bar. I dont want to display url with http://abc.com#divid it should be a proper url without #divid.
It should be something like that :
http://exanple.com/title1
here is my html code:
<a id="example1" href="general.php">Recent Trip to New York</a>
jQuery code:
$("a#example1").fancybox();
Is there any way I can implement the things like I have mentioned..
URL in the browser can be manipulated with HTML5 history, but in this case it would not be advised as the user is simply viewing another page via an iframe, and they remain on the parent page.
Mozilla Developers: Manipulating The Browser History
I am using an Iframe window to display the login form of another website. And what I want is the user should go to that particular site after logging in(even if logging in fails, any click on any link in that iframe should take the user to that site in the full window(parent window).
As long as the links (within the iFrame) are part of the other page, you can't "hijack" their target. You would have to have the means and ability to modify the target attribute of each link to point to _parent or use javascript to reference the window.parent.
Based on what you're saying (you're logging in to a different domain and the page is not part of your site) this wouldn't be possible without implementing some kind of proxy where you could modify the contents between page visits.
I have a page with one button. When clicked, that button navigates to http://google.com/
$("#button").click(function(){
window.location="http://google.com";
});
I would like this navigation to work when this page is embedded within the iframe. I don't want to affect the outside host page, but rather only the contents of the iframe. What's a good cross-platform way to:
Detect if I'm contained in an iframe
If not, navigate like above.
If yes, navigate the iframe only?
(I'm going to try to implement the algorithm I just described, but regardless I think this question is interesting enough to be posted. If I succeed, I'll post my solution)
1) Detect if I'm contained in an iframe
if (window != window.top) {
// the page is inside an iframe
}
2) If not, navigate like above.
navigate like above
3) If yes, navigate the iframe only?
When you write window.location.href = 'http://www.google.com'; you are navigating the contents of the iframe, not that of the top page. If you want to navigate the top page, you can only do this if this top page is on the same domain as the iframe and you could use window.top.location.href.
UPDATE:
There is a security mechanism built in browsers which forbid you from redirecting to sites that set the X-Frame-Options: SAMEORIGIN response header when inside an iframe. That's the case with http://www.google.com. Simply navigate to this site and look at the response HTTP headers with FireBug or developer toolbar you are using and you will see this header. You cannot redirect to it and you will get the following error message:
Refused to display document because display forbidden by X-Frame-Options.
It's basically a security mechanism implemented by some sites whose authors didn't want you to embed them in an iframe.
Hi I am opening an external website in my pop window. I would like to disable certain links in that popup.
i.e. I am opening http://www.yahoo.com in pop and I want to disable some links in that pop-up so that who ever visit yahoo.com using my website, will not able to click on some links...
Is it possible? any idea?
It is impossible to run JavaScript on another domain because of the same origin policy. imagine someone opening up your bank account in a new window/frame and altering the links to transfer money to their account. ;)
You can screen scrape the content with your server and redisplay it, but you have to worry about proxying all of the relative links.
If you are creating a popup using the standard window.open you can manipulate the DOM of that document. See here for more information on how to do that (towards the bottom of the page). But this is fairly limiting to writing stuff to that page. I suppose you could render the link in an iframe and inject some javascript to manipulate it?
I have a html based application and sometimes my html app needs to open another url in iframe.
the problem is that the third party url in the iframe open a new window too with the same content, the same url.
so how can i prevent it?
This seems like an iframe breakoutscript in the thirdparty page. A few links about a solution to this problem.
http://stuntsnippets.com/prevent-iframe-breakout/
http://www.zimbio.com/Web+Design/articles/1110/How+prevent+iFrame+breakaway
How to prevent IFRAME from redirecting top-level window