I have developed an application that has a list of items in one frame; when one clicks on an item it does something in another frame (loads an image).
This used to work fine in all browsers, including Chrome 3; now it still works fine in Firefox but in recent versions of Chrome (I believe since 4) it throws this error:
Unsafe JavaScript attempt to access frame with URL (...) from frame with URL (...). Domains, protocols and ports must match.
This is obviously a security "feature" but is it possible to get around it?
Here is a simple test:
index.html:
<html>
<frameset cols="50%,50%">
<frame src="left.html" name="left"/>
<frame src="right.html" name="right"/>
</frameset>
</html>
left.html:
<html>
<body>
<a href="javascript:parent.right.test('hello');">click me</a>
</body>
</html>
right.html:
<html>
<body>
<script>
function test(msg) {
alert(msg);
}
</script>
</body>
</html>
The above works in Firefox 3.6 and Chrome 3 but in Chrome 5 it throws the above error...
Edit:
See the answers to the closely-related question: Call a JavaScript function defined in an iframe in Chrome using the file protocol.
Briefly, launching Chrome with --allow-file-access-from-files
"solves" the problem insofar as the error will not be reported.
Of course, since you're distributing files on a CD, you're unlikely to view this an actual solution. I recommend starring Chromium bug 47416 to encourage the developers of Chromium to bring Chrome more into line with the behavior of Gecko.