I have an intranet site built on Drupal, and I'm trying to add a frame to another internal site that's on a different server. When I add the frame and preview it, the other site shows up, but then an error pops up on screen saying http://internal.site undefined. When I hit ok, all but the very top of the other site disappears.
Any ideas?


MarcElbichon’s picture

I think you have javascript in your iframed page. This page shows up the error message.
Can you verify your iframed page ?

cletusalphonse’s picture

My iframed page is a Microsoft Sharepoints calendar. I'll look into it a little more and see if that's the issue, thanks.

gwink’s picture

I am getting this too and have no Javascript in the frame site. Also, the frame resizes to a size that is not 100% height. I am using the a subdomain and it sizes correctly then the error popups and it becomes smaller.

MarcElbichon’s picture

You are right. Error is triggered by insertFrame because an error occured in the auto-resize function.
Could you (cletusalphonse & gwink) replace code in the insertframe.js file by :

function adjustHeight(obj, offset){
var doc = window.frames[obj.name].document;
if (navigator.userAgent.indexOf("IE")) {
var the_height=obj.contentWindow.document.body.scrollHeight;
obj.height = the_height + offset;
obj.style.height = obj.height;
} else {
obj.style.height = (doc.body.offsetHeight+offset)+'px';
doc.body.style.borderWidth = '0px';

and report me the line number and reason (if any) of the error.
What is your browser ?

gwink’s picture

Here's the error I am receiving:

Unsafe JavaScript attempt to access frame with URL http://www.myexample.com/node/281 from frame with URL http://db. myexample.com/index.php. Domains, protocols and ports must match.

/sites/all/modules/insertFrame/insertFrame.js?x:5TypeError: Result of expression 'obj.contentWindow.document' [undefined] is not an object.

I am not sure why that JavaScript error should be coming up as the base domain is the same. Now there is no error but I can't scroll either...



MarcElbichon’s picture

I suppose you use Safari ? Does cletusalphonse too ?

This is a security issue from browsers. I don't know how Safari deals with subdomains.
In this case, auto-height doesn't work but scrolling can be done is scrolling parameter is auto (default).

gwink’s picture

I am seeing on FF and Safari. What do you mean by the last line?
"In this case, auto-height doesn't work but scrolling can be done is scrolling parameter is auto (default)."
I need to not have a second scrollbar in there.

MarcElbichon’s picture

You said "Now there is no error but I can't scroll either" so i supposed you wanted to scroll iframed page. When security issue occurs, iframe is sized to 100px and scrolling is on (unless scrolling option in the filter is no).

Is you problem resolved ?

gwink’s picture

No. I need a workaround the security error. I own both domains but one is www and the other is db. I wa hoping there was something that could be done to mak this work.

By the way I still get the other error on that the object is null

MarcElbichon’s picture

Have you try to set document.domain to the same value on both pages (see http://www.tomhoppe.com/index.php/2008/03/cross-sub-domain-javascript-aj...).

drupert55’s picture


I just added this module feature to v.6.16 and am getting the 'undefined' message or 'Access is denied' depending on the browser. I added the <iframe> to the 'Allowed HTML tags' list.

I really need to get this resolved as quick as possible.


EDIT: I meant to add that the page from my domain loaded fine. The error came when I clicked the links on the page that went to another domain. I used a different iframe module and those external server pages served up fine so it's not a browser security issue.

EDIT#2 (POSSIBLE SOLUTION): The error showed up with the following version [[[www.myurl.com/myapp.html]]] but NOT with [[[www.myurl.com/myapp.html height=500px width=300px]]] and NOT with width=100%. BUT, when I put height=100%, the 'undefined' error appeared.


drupert55’s picture

See edits (POSSIBLE SOLUTION) in previous reply.

MarcElbichon’s picture

This is a browser security issue.
With height=100%, javascript try to get height or the iframe to resize the iframe. Browsers don't allow this, so 'Access denied' error is triggered (see http://forums.asp.net/t/1065326.aspx).

Setting height to 100% activate auto-resizing (resize iframe height when content of the frame changes).
If you don't want to use this feature, turn off this by setting a height like you do in EDIT#2

f0rd42’s picture

Hi there

I'm running in exactly the same problem. I searched the Internet for weeks now and tried to follow given suggestions, but non of them work for me (probably doing it wrong). I have no clue about javascript, so I'm a bit lossed :-)

I need to have the complete content of a page from a different server (all under my control) to be displayed in a iframe within drupal. I've seen, that there are many ways (and working with a hight and scrolling=auto works, but isn't "nice") to get around the javascript error, so, as both servers are under control, I'm pretty sure someone who knows what he/she's doing, will get it to work, but I don't.

Is there anyone out there willing to help? I would pay / donate if wanted, that's not a problem. All I want is that page in an iframe to have a common look and feel.



PS: We have it running in joomla right now, obviously without auto resize, but there you can see what I want to include. It's a Ticketsystem, vendor is kayako: http://technet.zycko.de/index.php?option=com_wrapper&Itemid=28


MarcElbichon’s picture

If the iframed page is under your control, can you try this :

In your iframed page, create a javascript function :

function resizeIframe() {
if(self==parent) return false; /* Checks that page is in iframe. */
else if(document.getElementById&&document.all) /* Sniffs for IE5+.*/

var FramePageHeight = document.getElementById('framePage').scrollHeight + 10;
/* The added 10 pixels prevent an unnecessary scrollbar. */

/* "iframeID" is the ID of the inline frame in the parent page. */

<body id="framePage" onload="resizeIframe()">

In the insertFrame syntax, set height to a value (100px for example).

Tono’s picture

I ran into the same problem. I'm also JavaScript illiterate...
From what I gather its a JavaScript security issue when auto height is used:

insertFrame uses JavaScript to calculate the height of the frame. When the the target URL is outside the currrent domain even if its a subdomain JavaScript CANNOT determine the size and just atempting to read creates a security issue "ACCESS DENIED".

The only reason I'm using this module is because I need auto height. With this module I'm getting the same results a using:

<p><iframe src="http://myurl.com" style="border-style: hidden; width: 100%; height: 600px;" scrolling="auto"></iframe></p>

without any modules


3xit’s picture

No problem when src url is in the same domain base. Auto-height with insertFrame.js is working too, if body tag is available in the source document.

I have to modify the insertFrame.js script in line 5 to get the height of the id=content instead of the body element:

var the_height=obj.contentWindow.document.getElementById('content').scrollHeight;

That's maybe a new feature request to have an option in the input filter to set custom ids.

thx for this module.

MarcElbichon’s picture

Why do you use a custom id rather than body ?
Iframe prints body so your id must be the first container under body to make insertFrame working. Am i right ?

webservant316’s picture

So is there no way to specify height=100% when iframing content from another domain name? That kinda stinks. There must be some way to accomplish this.


MarcElbichon’s picture

If you don't have control over iframed page, i 'm afraid that there is no solution.
This is a "common" problem with iframe. Googleize for workaround

webservant316’s picture

At this point I only plan to iframe content on the same Apache server and my goal is to save disk space by not having the same content to iframe copied into each of my domains. I think the solution is to put my content in one location and then simply create a hard link within each of my domains to the content I want to share.

MarcElbichon’s picture

If you use only one Apache server, domain name should be the same, so auto height would work.
So create a location for you site (ie : http://mydomain.com/mysite) and another for the share content (ie http://mydomain.com/mysharedcontent). Iframe with share content can be autosized.

webservant316’s picture

In my case I manage several websites on different domains on the same WHM server, but want to shared some iframed content on the different domains. In the past I just made copies of the shared content within the Drupal installation for each domain I manage. However, trying to get more efficient in my use of disk space, so I plan to use the links to a shared location.

MarcElbichon’s picture

Have you try #10. This maybe works with subdomains (aaa.mydomain.com and bbb.mydomain.com)

webservant316’s picture

this is what I did and it works great.

www.mydomain1.com points to /home/user/public_html/drupal/domain1
www.mydomain2.com points to /home/user/public_html/drupal/domain2
shared resources are located at /home/userpublic_html/sharedresources

ln -dfs /home/user/public_html/drupal/domain1/sites/default /home/userpublic_html/sharedresources
ln -dfs /home/user/public_html/drupal/domain2/sites/default /home/userpublic_html/sharedresources

I did have to get the permissions and ownership set right, but this works great!

MarcElbichon’s picture

Status:Active» Closed (fixed)