Can't access prototype of objects that were received from an iframe exported object
Categories
(Core :: DOM: Core & HTML, defect, P3)
People
(Reporter: haimh, Unassigned)
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
Steps to reproduce:
I have an iframe with domain 'xxx.main.com'
I'm loading it in 'main.com'
In the iframe, there is some code that does
document.domain = 'main.com'
From the iframe, I get an object (iframeElement.contentDocument.someObject).
Then I use someObject.getObject().
When I try to access any property of the prototype or when I try to clone it using lodash I get error https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Property_access_denied
Actual results:
I get https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Property_access_denied
Expected results:
Everything should continue working the same as before
From here:
https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#Changing_origin
Note: When using document.domain to allow a subdomain to access its parent securely, you need to set document.domain to the same value in both the parent domain and the subdomain. This is necessary even if doing so is simply setting the parent domain back to its original value. Failure to do this may result in permission errors.
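The rule in the MDN note quoted above, as an added example that is not part of the original report and not Firefox code: a plain-JavaScript model of the HTML Standard's "same origin-domain" check, applied to the main.com / xxx.main.com setup from the report. The helper names (makeOrigin, setDocumentDomain, sameOriginDomain, scenario) are made up for this illustration, and the public-suffix check of the real document.domain setter is left out; the model shows only the both-sides rule and does not reproduce the prototype-access failure itself.

```javascript
// A tuple origin: scheme, host, port, plus the "domain" slot that
// `document.domain = ...` fills in (null until a page sets it).
function makeOrigin(url) {
  const u = new URL(url);
  return { scheme: u.protocol.slice(0, -1), host: u.hostname, port: u.port, domain: null };
}

// Model of the document.domain setter: the new value must be the current
// effective domain or a parent of it. (The real setter also rejects public
// suffixes such as "com"; that list is omitted in this sketch.)
function setDocumentDomain(origin, value) {
  const effective = origin.domain ?? origin.host;
  if (value !== effective && !effective.endsWith("." + value)) {
    throw new Error(`SecurityError: "${value}" is not a suffix of "${effective}"`);
  }
  return { ...origin, domain: value };
}

function sameOrigin(a, b) {
  return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
}

// Same origin-domain: if either side set document.domain, BOTH must have set
// it to the same value (port is ignored); otherwise fall back to same origin.
function sameOriginDomain(a, b) {
  if (a.scheme === b.scheme && a.domain !== null && a.domain === b.domain) return true;
  return sameOrigin(a, b) && a.domain === null && b.domain === null;
}

// Constructed scenario from the report: parent on main.com, iframe on xxx.main.com.
function scenario() {
  const parent = makeOrigin("https://main.com/");
  const frame = setDocumentDomain(makeOrigin("https://xxx.main.com/"), "main.com");
  const parentSet = setDocumentDomain(parent, "main.com");
  return {
    // Only the iframe relaxed its domain: cross-frame access is denied.
    onlyFrameSet: sameOriginDomain(parent, frame),
    // Parent set document.domain "back to its original value": access allowed.
    bothSet: sameOriginDomain(parentSet, frame),
    // Side effect: the parent no longer matches a same-host document
    // that never touched document.domain.
    parentVsUntouched: sameOriginDomain(parentSet, makeOrigin("https://main.com/other")),
  };
}
```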
Comment 2•5 years ago
Hi @Haim, please provide a TC - a link or something that will help to test the issue. Thanks
Comment 3•5 years ago
Not waiting for the required information for 2 months, closing INCOMPLETE.
Dear reporter, feel free to reopen this when you get a chance to get back to us here. Thanks!
Hey
We were able to overcome this error so it became low priority.
I can't set up an environment to check it out, but I can give you all of the info you need.
- Create a site with domain XXX that has a function createObject on window that returns a new object.
- Create a site in a subdomain of XXX.
- In subdomain.XXX, add JS that changes document.domain to be XXX (https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy#Changing_origin).
- In subdomain.XXX, load XXX in an iframe.
- In subdomain.XXX, access iframeElement, get the window and use the create-new-object method.
- The returned object's prototype has restricted access, which it shouldn't according to the link in #3.