在IFRAME中，让你的函数对窗口对象是公共的:

window.myFunction = function(args) {
   doStuff();
}

从父页面访问，使用这个:

var iframe = document.getElementById("iframeId");
iframe.contentWindow.myFunction(args);

从iframe调用父JS函数是可能的，但只有当父JS函数和加载在iframe中的页面都来自同一个域，即example.com，并且都使用相同的协议，即都在http://或https://.上

在以下情况下调用将失败:

父页面和iframe页面来自不同的域。 他们使用不同的协议，一个在http://上，另一个在https://.上

任何解决这个限制的方法都是非常不安全的。

例如，假设我注册了域名superwinningcontest。例如，发送链接到人们的电子邮件。当他们加载主页时，我可以在那里隐藏一些iframe，阅读他们的Facebook动态，查看最近的亚马逊或贝宝交易，或者(如果他们使用的服务没有实现足够的安全性)从他们的账户转钱。这就是JavaScript仅限于同一域和同一协议的原因。

这里有一些需要注意的怪癖。

HTMLIFrameElement.contentWindow is probably the easier way, but it's not quite a standard property and some browsers don't support it, mostly older ones. This is because the DOM Level 1 HTML standard has nothing to say about the window object. You can also try HTMLIFrameElement.contentDocument.defaultView, which a couple of older browsers allow but IE doesn't. Even so, the standard doesn't explicitly say that you get the window object back, for the same reason as (1), but you can pick up a few extra browser versions here if you care. window.frames['name'] returning the window is the oldest and hence most reliable interface. But you then have to use a name="..." attribute to be able to get a frame by name, which is slightly ugly/deprecated/transitional. (id="..." would be better but IE doesn't like that.) window.frames[number] is also very reliable, but knowing the right index is the trick. You can get away with this eg. if you know you only have the one iframe on the page. It is entirely possible the child iframe hasn't loaded yet, or something else went wrong to make it inaccessible. You may find it easier to reverse the flow of communications: that is, have the child iframe notify its window.parent script when it has finished loaded and is ready to be called back. By passing one of its own objects (eg. a callback function) to the parent script, that parent can then communicate directly with the script in the iframe without having to worry about what HTMLIFrameElement it is associated with.

其中一些答案并没有解决CORS问题，或者没有明确地说明您将代码段放置在何处以使通信成为可能。

这里有一个具体的例子。假设我想点击父页面上的一个按钮，并让它在iframe中做一些事情。我是这么做的。

parent_frame.html

<button id='parent_page_button' onclick='call_button_inside_frame()'></button>

function call_button_inside_frame() {
   document.getElementById('my_iframe').contentWindow.postMessage('foo','*');
}

iframe_page.html

window.addEventListener("message", receiveMessage, false);

function receiveMessage(event)
    {
      if(event) {
        click_button_inside_frame();
    }
}

function click_button_inside_frame() {
   document.getElementById('frame_button').click();
}

要走另一个方向(点击iframe内的按钮调用iframe外的方法)，只需切换代码片段所在的位置，并更改如下:

document.getElementById('my_iframe').contentWindow.postMessage('foo','*');

:

window.parent.postMessage('foo','*')

IFRAME应该在frames[]集合中。使用像这样的东西

frames['iframeid'].method();

试试parent.myfunction()