accessing iFrame - permission denied
#1

[eluser]tokyotech[/eluser]
I'm using a hidden iFrame to do a pseudo-AJAX image upload. When JS is trying to access the iFrame, it will get a permission denied error if the user got to the site via domain.com/whatever rather than http://www.domain.com/whatever. This is apparently some XSS vulnerability.

So how do I turn this form_open_multipart to use a relative link rather than an absolute link? With a relative link, the iFrame can be read no matter what URL is in the user's address bar.

Code:
// system/application/views/someFolder/myView.php:

echo form_open_multipart(
    'controllerName/methodInsideController',
    array(
        'target' => 'hiddenIFrame',
        'name' => 'logoUploadForm',
        'id' => 'logoUploadForm'
    )
);
#2

[eluser]bretticus[/eluser]
[quote author="tokyotech" date="1252549332"]
So how do I turn this form_open_multipart to use a relative link rather than an absolute link? With a relative link, the iFrame can be read no matter what URL is in the user's address bar.[/quote]

My advice is not to use form_open_multipart, just use HTML in this case.
#3

[eluser]tokyotech[/eluser]
I just wished everything in CI was relative. I just don't understand the need for absolute links - it's not easy to port when you're moving from server to server.
#4

[eluser]tokyotech[/eluser]
So what is my relative link? I'm confused at what the current working directory is. Is it folderWhereCodeIgniterIsIn, system, application, or views?
#5

[eluser]bretticus[/eluser]
[quote author="tokyotech" date="1252632521"]So what is my relative link? I'm confused at what the current working directory is. Is it folderWhereCodeIgniterIsIn, system, application, or views?[/quote]

It's always relative to the folder where your index.php is (which is the only file that ever gets truly called from your browser) at the same level as the system folder (not in it.)
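
The following is an added example, not code from any poster in this thread or from CodeIgniter. It shows the browser's same-origin check behind the "permission denied" error: an absolute form action pins the iframe to one host, while a root-relative action resolves against whatever host is in the address bar. The helper names, the sample URLs, and the assumption that the application is served from the site root are all hypothetical.

```javascript
// Resolve a form action the way a browser does: an absolute URL is kept as-is,
// a relative one is resolved against the URL of the page that holds the form.
function resolveAction(action, pageUrl) {
  return new URL(action, pageUrl);
}

// The same-origin policy compares scheme, host and port exactly, so
// "domain.com" and "www.domain.com" count as two different origins.
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// After the form posts into the hidden iframe, the iframe's origin is the
// origin of the resolved action. Script on the parent page can read the
// iframe's document only if both origins match.
function iframeReadable(pageUrl, action) {
  const target = resolveAction(action, pageUrl);
  return {
    pageOrigin: new URL(pageUrl).origin,
    frameOrigin: target.origin,
    readable: sameOrigin(pageUrl, target.href),
  };
}

// Constructed sample values (assumption: the site lives at the web root).
const ABSOLUTE_ACTION =
  'http://www.domain.com/controllerName/methodInsideController';
const RELATIVE_ACTION = '/controllerName/methodInsideController';

const PAGES = [
  'http://domain.com/whatever',
  'http://www.domain.com/whatever',
];

// Print one line per page/action combination.
for (const page of PAGES) {
  for (const action of [ABSOLUTE_ACTION, RELATIVE_ACTION]) {
    const r = iframeReadable(page, action);
    console.log(
      `${page} + ${action} -> frame ${r.frameOrigin}, readable=${r.readable}`
    );
  }
}
```
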