Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
entermix2015-05-17 20:25:46
JavaScript
entermix, 2015-05-17 20:25:46

Why is the access denied?

TinyMCE + Elfinder is installed on the site

Elfinder is loaded in a frame, after downloading the desired file, a link to it is inserted into the editor in this way:

// pass selected file path to TinyMCE
parent.tinymce.activeEditor.windowManager.getParams().setUrl(file.url);

// close popup window
parent.tinymce.activeEditor.windowManager.close();


Everything works fine, but the site needed to install Dklab_Realplexor :

<script type="text/javascript" src="http://rpl.mydomain.com/?identifier=SCRIPT&<?=time()?>"></script>
<script type="text/javascript">
    $(function () {
        var realplexor = new Dklab_Realplexor('http://rpl.mydomain.com/', 'test_');
        realplexor.subscribe("Alpha", function(data) { alert("Alpha: " + data) });
        realplexor.execute();

    });
</script>


As soon as the Dklab_Realplexor connection is started, when adding a link to tinyMCE, this error:

Error: Permission denied to access property "tinymce"
parent.tinymce.activeEditor.windowManager.getParams().setUrl(file.url);

Those. For some reason, there is no access to the parent element. Why is there such a conflict? How can I fix it?

I understand that Dklab_Realplexor (judging by this script ), creates its own invisible frame, is this the reason?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
C
Coderast, 2015-05-17
@Coderast

Those. for some reason I can't access the parent element

Because there is no permission to access the parent element.

Report
A
Andrey Dyrkov, 2015-05-17
@VIKINGVyksa

The sandbox attribute may contain a space-separated list of restrictions that are not needed:
allow-same-origin
A browser may not consider a document in an iframe to be from another domain. If the iframe is already from another domain, then nothing changes.
allow-top-navigation
Allows the iframe to change parent.location.
allow-forms
Allows submitting forms from an iframe.
allow-scripts
Allows the execution of scripts from the iframe. But scripts, nevertheless, will be forbidden to open popups.
The purpose of the sandbox attribute is to impose additional restrictions. It cannot remove existing ones, in particular, remove security restrictions if the iframe is from another source.

<iframe src="URL" sandbox="allow-same-origin || allow-top-navigation || allow-forms || allow-scripts"></iframe>

Similar questions
I
Ingerniated2017-06-01 15:10:14
Why does fetch result in Object and not return result? 4Reply
U
Username2017-06-05 22:44:29
CorelDraw or illustrator? 12Reply
S
Sergey Burduzha2019-11-09 15:58:04
Where can I get native drivers for asus rog g752v? 1Reply
S
SergeyL19932019-11-11 20:10:49
Who knows what setting allows you to display all the selected classes and files as on the screen, and not hide them in a drop-down list? 6Reply
V
vetsmen2019-11-12 21:53:54
How to count online from all workers? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question