Chromium Embedded Framework Forum

[zreo15]

Well i need to display some websites on iframe but due to cross origin policy i couldnt but a way to get over that limitation is disabling websecurity which i dont want to do plus some website like google and twittrer force themselves on parent window or dont load properly or dont aloow navigation so as again a way over that i found was in nw.js where they have mini browser in iframe and this feature nwfaketop which is used to trap the navigation and the access (such as window.top, window.parent) in this iframe is what i need but instead of using nw.js to develope my app i would really prefer to use cef3 because of its small binaries and i really dont have any use of node.js in my app so i was wondering if that faketop feature can be implimented in cef3 in some way or I have to make it a feature request

[amaitland]

You can add specific exclusions for cross origin

See apidocs3/projects/%28default%29/%28_globals%29.html#CefAddCrossOriginWhitelistEntry%28constCefString&,constCefString&,constCefString&,bool%29

[zreo15]

ya well problem with this method is if u access twitter google and other such sites when they are displayed in iframe they notice it and either dont display or try to take over parent frame which is why i needed those nwfaketop functions they prenvent this from happening plus i want to stop them executing scripts to parent but parent should be able to execute on child frames.
Making an exception is not a option for me since m trying to acess whole web using iframes so i cant just keep on adding each site manually ......

[Czarek]

Not sure if this will work in your case, but in CEF you can modify response* headers and thus can change some security restrictions.

*edited

[zreo15]

can u explain how to make it work with iframes m not really sure just what kind of http headers are sent when calls are made from iframes and just what changes maybe needed