动态的创建iframe,然后向里面append DOM元素
1 2 3 4 5 6 7 8 9 10 11 var cw = window .frames \['tst' \]; cw.document .open (); cw.document .write ('<script>alert("test")<' + '/script>' ); cw...</x-turndown>* <iframe id ="tst" src ="javascript:false" \> </iframe > * <script > * var cw = window .frames \['tst' \]; * cw.document .open (); * cw.document .write ('<script>alert("test")<' + '/script>' ); * cw.document .write ('<div>test</div>' ); * cw.document .close (); * </script >
这段代码可以实现 js动态的创建iframe,然后向里面append DOM元素、JS函数
js动态的创建iframe:
1 2 3 4 5 6 7 8 9 10 11 12 13 var f=document .createElement ("IFRAME" ); f.id = "iframe01" ; f.name = "iframe01" ; f.height =1000 ; f.width =1000 ; f.src ='https://system.netsuite.com/app/accounting/transactions/inventory/inventorynumbereditor.nl?l=T&tranid=745&lineid=1' ; document .body .appendChild (f);var header= new Array (); header\['P3P: CP' \]= 'CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' ; header\['Set-Cookie' \]= 'test=axis; expires=Sun, 23-Dec-2018 08:13:02 GMT; domain=.google.com; path=/' ; var url ='https://mail.google.com/mail/#inbox' ; nlapiRequestURL (url, null , header);
如上代码失败可知:ajax不支持跨域, 这样跨域必须要用到php,jsp或者c++等动态语言服务端的代理。
详细见:
http://blog.csdn.net/lanmao100/archive/2008/04/25/2328491.aspx 用P3P header解决iframe跨域访问cookie/session
http://viralpatel.net/blogs/2008/12/how-to-set-third-party-cookies-with-iframe.html How to set third-party cookies with iframe
http://hi.baidu.com/aullik5/blog/item/cde7f31efc3953f2e0fe0b46.html P3P Header Tips