I have a issue about the UX sheet that it show the information form the TM1 web, so the UX will access the Tm1 web when the sheet open.
However, The UX fail to collect the information form web server. i checked the DevTool on browser. it show “Blocked a frame with origin… from accessing a cross-origin frame.”
I check the tm1 web config, not more blocked for the Domain and we can access the tm1 web on browser.
TM1 web configuration:
Another, we try to build up simple service to access the tm1 web, it is successful.
Have any one happened this issue or any advise?
This error "Blocked a frame with origin from accessing a cross-origin frame " is not a bug. The same-origin policy is a security mechanism that ensures that window objects only have access to the informations they are authorized to get.
The window.postMessage() method provides a controlled mechanism to securely circumvent this Same-Origin Policy restriction. The window.postMessage() safely enables cross-origin communication between Window objects; e.g: between a page and an iframe embedded within it.
postMessage(message, targetOrigin, [transfer])
targetOrigin - specifies what the origin of targetWindow must be for the event to be dispatched, either as the literal string “*” (indicating no preference) or as a URI.