I was recently rolling my own AJAX upload script, posting a form to a hidden IFRAME and using the load event to know when the upload was complete. When the upload completed, I wanted to access the IFRAME content so I could verify that the upload completed successfully. Surprisingly I ran into the following JavaScript error:
Error: Permission denied to access property 'document'
If you were using jQuery, you may see this error instead:
Error: Permission denied to access property 'nodeType'
This confused me because I knew that my IFRAME was accessing an address on the same host, including protocol. After pulling my hair out and sending a plea for ideas on Twitter, Daniel Buchner mentioned a server-side header that I needed to adjust to allow for accessing that frame’s nodes: x-frame-options. The header can have values of NONE or SAMEORIGIN, and setting the x-frame-options to SAMEORIGIN fixed my issue!
If you continue seeing a “Permission Denied” error, it’s very possible you’re trying to do a cross-origin request, and that simply wont allow you access to the IFRAME content, unless a CORS configuration has been added.
Read the full article at: IFRAME Permission Denied Solution
Hosted by Media Temple, domain from Name.com.