How to grant permission to function or document element from iframe created through external .js script tag? [duplicate]

This question already has answers here: Cross domain iframe issue (5 answers) Closed 6 years ago.

I am embedding a script via <script src="example.com/file.js"></script> on a domain that does not belong to me. The script outputs a iframe with its src set to a script on my site. I'm also outputting a div tag that contains the iframe (it is not rendered by the iframe but the js file). Now, I want to be able to execute a function that is loaded via the iframe to control the parent div of the iframe OR output the function along with the div tag and execute the function from the i开发者_Python百科frame. I am getting permission denied errors when attempting to do either. How can I grant permission?

---

You can't (and then time passes and the answer changes, see the duplicate question).

---

In short, you can't using the way you posted. The only thing windows (including iframe windows) can do to each other is change the URL / hash. What you can do is:

1) Make an HTML page that checks its hash for commands to run. Put this on SITEA.

2) On your regular SITEA page load SITEB in an iframe.

3) SITEB iframes doesn't have access to it's parent since it's on a seperate domain. However, it can load the page you set in step 1 through an iframe. You can also change the URL on this iframe. This SITEA iframe is allowed to talk and control SITEA parent (through something like window.top).

This may sound confusing but it works and is pretty much the only way to do it cross-browser and in IE6. I've done stuff like this to support ads that expand on the parent site.