其中要点,
Stpe1,浏览器在Iframe中加载一个异域的页面,这个页面返回 <script>window.name=”任何数据”</script>,这时候,取 iframe.contentwindow.name是拒绝访问的。
Step2,在Iframe中加载一个本域中的任意页面,此时,iframe.contentwindow.name 就可以访问了,
DEMO: 下面是不修饰的代码,
1: <script type="text/javascript">
2:
3: function getContents(iframe) {
4: try {
5: // Make sure the iframe's window & document are loaded.
6: if (!iframe.contentWindow || !iframe.contentWindow.document) {
7: console.log("no contentwindow");
8: return null;
9: }
10:
11: console.info("window.name=" + iframe.contentWindow.name);
12: // Get the response from window.name
13: return iframe.contentWindow.name;
14: } catch (e) {
15: console.error(e);
16: return null;
17: }
18: }
19:
20:
21: //getContents(this);
22:
23:
24: function test() {
25: var doc = document;
26: var iframe = doc.createElement('iframe');
27: doc.body.appendChild(iframe);
28:
29: var form = doc.createElement('form');
30: doc.body.appendChild(form);
31:
32: var requestId = "__Go";
33: iframe.contentWindow.name = requestId;
34: form.target = requestId;
35: form.action = "http://castest.youxituan.com/cas/JsLogin";
36: form.method = "post";
37: var isFirst;
38: var time = 0;
39: iframe.onload = function () {
40: time++;
41: console.info("time=" + time);
42: if (time == 1) {
43: console.info("first" + iframe.src);
44: iframe.contentWindow.location = 'about:blank';
45:
46: //iframe.contentWindow.document.write(".....");
47: isFirst = false;
48: } if (time == 2) {
49: console.info("not first");
50: window.alert(iframe.contentWindow.name);
51:
52: //iframe.contentWindow.document.write('');
53: //iframe.contentWindow.close();
54: //document.body.removeChild(iframe);
55:
56: //iframe.src = '';
57: iframe = null;
58: }
59: console.log("onload");
60: getContents(iframe);
61:
62: };
63: iframe.onreadystatechange = function () {
64: console.log("onreadystatechange");
65: getContents(iframe);
66: };
67:
68: form.submit();
69: }
70:
71:
72: $(function () {
73: test();
74: });
75:
76:
77: </script>