You need to sign in to do that
Don't have an account?
Cross Domain Scripting Issue
Hi Friends,
I am using agent console for account. Actually I have override the account detail page by my custom page "AccountDetailExt". When I click console tab then i found all the accounts and can view the details of an account in main middle iframe. But when i click on any related objects for this account it gives me java-script error instead of showing them in the detail window and account details in "mini view" iframe.
So my console contains:
1. List View: All accounts
2. Detail View: Detail of account with its related lists (accounts domain is c.na7.salesforce.com)
3. Mini View: I cant see anything in this iframe. (standard sf domain na7.salesforce.com)
when i click any contact/ other related object link then it show me the js error in error console. the error is
"Error: permission denied for <https://c.na7.salesforce.com> to get property Window.ffInAlert from <https://na7.salesforce.com/home/home.jsp>"
please help me to get the mini view iframe for the console.
Thanks in advanced.
~Dilip Mistry
You can disable XSS filters on certian browsers. I, as warewolf says, would not suggest this to the point of saying that it is impossible. But since I personally wish that there was the ability to give permission to certian sites to get around XSS, at least am willing to admit that it is possible to get around this.
http://a4apphack.com/index.php/security/disabling-default-xss-filtering-in-ie8-for-security-testers
And other browsers have similar things.