G
Guest
Hi,
I have a screen which has frames in it.
The frames are defined as follows:
<FRAMESET rows="0,*" border="0" frameborder="0">
<FRAME src="/abc/getData.do" name="hidden" noresize
border="0" scrolling="no" />
<FRAMESET rows="0,*" border="0" frameborder="0">
<FRAME src="" name="hiddenValidity" noresize border="0"
scrolling="no" />
<FRAME SRC="/abc/showData.do" name="main" noresize
border="0" scrolling="auto" />
</FRAMESET>
</FRAMESET>
the 'main' frame inturn has an iframe called 'IF1'
Im writing content to the 'IF1' iframe through the top
frame Javascript.
The process of writing to the iframe through Javascript
starts with the function
function startPageHTML(){
var docW = ""
docW += "<HEAD>";
docW += "<script>";
docW += "document.domain='xyz.com'";
docW += "<\/script>";
document.domain='xyz.com';
f.document.write(docW); //by now f is set to IF1
docW = "</HEAD>";
docW += "<BODY topmargin=16 marginheight=16>";
f.document.write(docW);
}
This was working all this while until I put the Q867801
patch for IE 6 SP1.
If I back out the patch the screen works perfectly fine.
It is now throwing an Access denied JS error when it is
trying to do f.document.write(docW)
If I'm right, Q867801 fixes three vulnerabilities and I'm
guessing that navigation cross domain vulnerability is
what might be giving me the problem now.
Has anyone faced similar problems? Any advice/opinion will
be greatly appreciated.
I have a screen which has frames in it.
The frames are defined as follows:
<FRAMESET rows="0,*" border="0" frameborder="0">
<FRAME src="/abc/getData.do" name="hidden" noresize
border="0" scrolling="no" />
<FRAMESET rows="0,*" border="0" frameborder="0">
<FRAME src="" name="hiddenValidity" noresize border="0"
scrolling="no" />
<FRAME SRC="/abc/showData.do" name="main" noresize
border="0" scrolling="auto" />
</FRAMESET>
</FRAMESET>
the 'main' frame inturn has an iframe called 'IF1'
Im writing content to the 'IF1' iframe through the top
frame Javascript.
The process of writing to the iframe through Javascript
starts with the function
function startPageHTML(){
var docW = ""
docW += "<HEAD>";
docW += "<script>";
docW += "document.domain='xyz.com'";
docW += "<\/script>";
document.domain='xyz.com';
f.document.write(docW); //by now f is set to IF1
docW = "</HEAD>";
docW += "<BODY topmargin=16 marginheight=16>";
f.document.write(docW);
}
This was working all this while until I put the Q867801
patch for IE 6 SP1.
If I back out the patch the screen works perfectly fine.
It is now throwing an Access denied JS error when it is
trying to do f.document.write(docW)
If I'm right, Q867801 fixes three vulnerabilities and I'm
guessing that navigation cross domain vulnerability is
what might be giving me the problem now.
Has anyone faced similar problems? Any advice/opinion will
be greatly appreciated.