7 Replies Latest reply: Feb 23, 2011 7:36 AM by alxtoth RSS

    QV10 and embedding AjaxZfc within an IFRAME


      We integrated QV10 AjaxZfc to our web application simply by creating a web page that contains an iframe, which links to AjaxZfc's opendoc.htm.

      This works just fine if we deploy the AjaxZfc and the web app under the same IIS web site. However, if the AjaxZfc stuff and the web application are deployed on different servers or web sites, the trouble begins.

      The QvAjax.js contains some statements that access window.parent.Qva. From browser's point of view, the window object and window.parent object originate from different domains, which means that browsers consider accessing the window.parent.Qva object as an attempt to do cross-site scripting and an exception gets thrown and nothing works. There is no try-catch block in the script.

      FireFox 3.6.13 and IE9 are secure enough to catch this, but Safari 5 and IE8 load the report without any problems.

      Is there some easy way to get around this without modifying the javascripts? Or should I do something completely different?