We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

access top frames from within nested frames

more options

I have the following simple script in ann html-document within a nested frameset:

<script type="text/javascript" language="JavaScript"> </script>

The script is activated by the "onload" function in the body. This works flawlessly in Google Chrome, Microsoft Edge, Safari and Opera, bit not in Firefox (latest version).

Anyone any idea how to get it working in Firefox?

I have the following simple script in ann html-document within a nested frameset: <script type="text/javascript" language="JavaScript"> <!-- function InitAct() { window.top.frames.beam.location.replace("topvar1.html"); } //--> </script> The script is activated by the "onload" function in the body. This works flawlessly in Google Chrome, Microsoft Edge, Safari and Opera, bit not in Firefox (latest version). Anyone any idea how to get it working in Firefox?

Chosen solution

Jos said

function InitAct()
  {
    window.top.frames.beam.location.replace("topvar1.html");
  }

Are you testing on the web or on disk? Firefox restricts file:/// access differently than http:// and https:// access.

Assuming on the web:

Are all the frames loading from the same origin? By origin I mean protocol + hostname.

Does Firefox post any error or security messages in either the Web Console for the tab, or in the global Browser console, when the script runs?

See:

Read this answer in context 👍 1

All Replies (3)

more options

Chosen Solution

Jos said

function InitAct()
  {
    window.top.frames.beam.location.replace("topvar1.html");
  }

Are you testing on the web or on disk? Firefox restricts file:/// access differently than http:// and https:// access.

Assuming on the web:

Are all the frames loading from the same origin? By origin I mean protocol + hostname.

Does Firefox post any error or security messages in either the Web Console for the tab, or in the global Browser console, when the script runs?

See:

more options

Thanks very much for your answer! I was testing on disk (of course), but when I tested on the web it worked. Strange! I really don't understand why this should be like it is. But I'm glad now it works on the web.

more options

The difference is to protect against an attack scenario where one saved file (which could be from the web) reads other content in the same folder or sub-folders. The change was made around Firefox 68, as explained in the following thread (which has a workaround): https://support.mozilla.org/questions/1264596