- <iframe id="tst" src="javascript:false"></iframe>
- <script>
- var cw = window.frames['tst'];
- cw.document.open();
- cw.document.write('<script>alert("test")<' + '/script>');
- cw.document.write('<div>test</div>');
- cw.document.close();
- </script>
这段代码可以实现 js动态的创建iframe,然后向里面append DOM元素、JS函数
js动态的创建iframe:
var f=document.createElement("IFRAME");
f.id = "iframe01";
f.name= "iframe01";
f.height=1000;
f.width=1000;
f.src='https://system.netsuite.com/app/accounting/transactions/inventory/inventorynumbereditor.nl?l=T&tranid=745&lineid=1'; //"about:blank"
document.body.appendChild(f);
var header= new Array();
header['P3P: CP']= 'CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR';
header['Set-Cookie']= 'test=axis; expires=Sun, 23-Dec-2018 08:13:02 GMT; domain=.google.com; path=/';
var url ='https://mail.google.com/mail/#inbox';
nlapiRequestURL(url, null, header);
如上代码失败可知:ajax不支持跨域, 这样跨域必须要用到php,jsp或者c++等动态语言服务端的代理。
详细见:
http://blog.csdn.net/lanmao100/archive/2008/04/25/2328491.aspx 用P3P header解决iframe跨域访问cookie/session
http://viralpatel.net/blogs/2008/12/how-to-set-third-party-cookies-with-iframe.html How to set third-party cookies with iframe
http://hi.baidu.com/aullik5/blog/item/cde7f31efc3953f2e0fe0b46.html P3P Header Tips
.png)