#1
  1. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,558
    Rep Power
    221

    Unsafe JavaScript attempt to initiate navigation for frame


    Hi;

    Is there a way to fix this?

    It only happens on Fiddle. On a standalone website, it works fine.

    Unsafe JavaScript attempt to initiate navigation for frame with origin 'https://jsfiddle.net' from frame with URL 'https://***.xyz/timer/timer_view.php?tm=0'. The frame attempting navigation of the top-level window is sandboxed, but the flag of 'allow-top-navigation' or 'allow-top-navigation-by-user-activation' is not set.
    Fiddle

    Thanks
  2. #2
  3. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,885
    Rep Power
    9646
    The iframe is trying to make the top frame navigate somewhere. Your browser isn't allowing it. You can't programmatically make it happen.

    Don't try to manipulate window.top.
  4. #3
  5. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,558
    Rep Power
    221
    Originally Posted by requinix
    The iframe is trying to make the top frame navigate somewhere. Your browser isn't allowing it. You can't programmatically make it happen.
    Hi;

    How is the same code working here => http://0000.pages.ontraport.net/

    It seems like something fiddle is doing here => https://jsfiddle.net/gck108th/1/ and "simple embed page" not doing here =>http://0000.pages.ontraport.net/

    See where I am going with this?

    Originally Posted by requinix
    Don't try to manipulate window.top.
    I have to. Also I wonder why it's even an option ff it was such a bad idea.

    Thanks requinix
  6. #4
  7. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,885
    Rep Power
    9646
    It doesn't work because JSFiddle took measures to make sure stuff like that doesn't work. If it did then it would be a great way to send people to a drive-by download: simply create a fiddle that redirects window.top to the malicious site.

    You don't control window.top so you shouldn't try to manipulate it.

    What you could do is take that <script> you're embedding in the host site and make a way for the child to make it redirect. Assuming, of course, that the people whose site your code is running on don't mind you hijacking their page.
  8. #5
  9. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,558
    Rep Power
    221
    Originally Posted by requinix
    What you could do is take that <script> you're embedding in the host site and make a way for the child to make it redirect.
    That's what I thought I am doing. I don't want to redirect the "iframe" page with the timer embed on it. I want to redirect the page that has the iframe in it. The parent.

    This is the scenario:

    The visitor is on a sales page, the timer hits zero. They should be redirected to "offer end" page.

    See what I mean?
  10. #6
  11. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,885
    Rep Power
    9646
    But you still don't control that page. The ability to redirect should be at their discretion, not yours.

IMN logo majestic logo threadwatch logo seochat tools logo