Unsafe access to frameElement causes error in crossdomain (i)frames

[SlexAxton]

We have 2 references to the frameElement property on an element in the jQuery source. The first is wrapped in a try/catch because if the frame is on a different domain, an access restricted exception occurs.

In bindReady:

try {
  toplevel = window.frameElement == null;
} catch(e) {}

In jQuery.event (the unsafe one):

// For whatever reason, IE has trouble passing the window object
// around, causing it to be cloned in the process
if ( jQuery.isWindow( elem ) && ( elem !== window && !elem.frameElement ) ) {
  elem = window;
 }

I'll attach a patch that avoids the frameWindow access altogether in this case, or we could consider just wrapping a try/catch. I think this solution is better though.

It so happens that while this fails"

  elem === window

This does not (so we can avoid the access):

  elem == window

More details from Shawn Smith (who found the fix) here:

​https://github.com/shawnsmith/jquery/commit/a5cf1291a1f6903fbe8a39b384080d872a30b460

[SlexAxton]

As promised, here is the pull request: ​https://github.com/jquery/jquery/pull/193

[SlexAxton]

Another potential fix:

​https://github.com/jquery/jquery/pull/232

The first pull request says "Yes, we work on other frames and windows' window objects"

and this pull request says "We only work on the original window object"

[snover]

workaround committed in [752db8fffeffa796f5cdb5553331436c0a4cc44e]; retargeting permanent fix as 1.6 blocker

[john]

Fixed. ​https://github.com/jquery/jquery/commit/7bfb6a7dd315f0eda3e5227f7d41e38f66f46549