(frame)
| 457 | var SERVER_ABORT = 2; |
| 458 | |
| 459 | function getDoc(frame) { |
| 460 | /* it looks like contentWindow or contentDocument do not |
| 461 | * carry the protocol property in ie8, when running under ssl |
| 462 | * frame.document is the only valid response document, since |
| 463 | * the protocol is know but not on the other two objects. strange? |
| 464 | * "Same origin policy" http://en.wikipedia.org/wiki/Same_origin_policy |
| 465 | */ |
| 466 | |
| 467 | var doc = null; |
| 468 | |
| 469 | // IE8 cascading access check |
| 470 | try { |
| 471 | if (frame.contentWindow) { |
| 472 | doc = frame.contentWindow.document; |
| 473 | } |
| 474 | } catch(err) { |
| 475 | // IE8 access denied under ssl & missing protocol |
| 476 | log('cannot get iframe.contentWindow document: ' + err); |
| 477 | } |
| 478 | |
| 479 | if (doc) { // successful getting content |
| 480 | return doc; |
| 481 | } |
| 482 | |
| 483 | try { // simply checking may throw in ie8 under ssl or mismatched protocol |
| 484 | doc = frame.contentDocument ? frame.contentDocument : frame.document; |
| 485 | } catch(err) { |
| 486 | // last attempt |
| 487 | log('cannot get iframe.contentDocument: ' + err); |
| 488 | doc = frame.document; |
| 489 | } |
| 490 | return doc; |
| 491 | } |
| 492 | |
| 493 | // Rails CSRF hack (thanks to Yvan Barthelemy) |
| 494 | var csrf_token = $('meta[name=csrf-token]').attr('content'); |
no test coverage detected