In the normal browser security model, a script may only access the properties of documents served from the same domain or IP address, protocol, and port.
Any attempt to access a property in such cases will result in a "Permission Denied" error. Signed scripts or trusted ActiveX objects can overcome this in limited situations.