-1

Usually getting access to elements from iframe will cause cross-origin error:

SecurityError: Blocked a frame with origin "http://localhost:8080" from accessing a cross-origin frame."

There are plenty of methods to solve it by building up communications between parent page and iframe page.

However in my case, iframe's src is an published website, which means I can not modify it or control it.

How can I solve this kind of cross-origin issue???

chucklai
  • 733
  • 1
  • 7
  • 19
  • https://stackoverflow.com/questions/25098021/securityerror-blocked-a-frame-with-origin-from-accessing-a-cross-origin-frame?noredirect=1&lq=1 – Donald Wu Sep 03 '19 at 07:24
  • @DonaldWu PLEASE read my description carefully. iframe page is not editable – chucklai Sep 03 '19 at 07:25
  • 1
    If you dont have access to modify the external page there is no way of doing it – PEPEGA Sep 03 '19 at 07:33
  • 1
    "Hi, 911? You know about security systems, right? I am trying burglary on this house but they have a very tight security system and it's not letting me in, how can I solve this issue?" :D The cross-origin protection exists for a reason. If you want in, _ask the owners_ to let you in. – Amadan Sep 03 '19 at 07:49
  • anyone has a solution? – chucklai Sep 03 '19 at 08:09
  • @Amadan If you don't know what others are doing, it's not a good idea to judge others – chucklai Sep 03 '19 at 10:12
  • 1
    I am not judging. I am stating it as a fact. Without their permission, you can't do what you want to do, because it was deliberately designed this way for security purposes. If there was a way around it, then the HTTP security model would not be worth the bytes it was stored in. The only way you get to interact with their page is _if they let you_. – Amadan Sep 03 '19 at 10:13
  • @Amadan well. we only talk about technique problems here. If anyone try to skip security checks is defined a burglar, authorities should enact laws immediately LOL – chucklai Sep 03 '19 at 10:35
  • can you tell us what you are trying to achieve. – indolentdeveloper Sep 03 '19 at 11:05
  • @indolentdeveloper in short, it's a robot, automatically operate on website. But not in a high frequency, just like do it manually – chucklai Sep 03 '19 at 11:27
  • I still wondering why iframe is calling localhost url. You have to see that iframe code is managed by third party. they would not want any arbitrary urls to be called from their code. – indolentdeveloper Sep 03 '19 at 12:04
  • @indolentdeveloper iframe is not calling. Error is "Blocked a PARENT frame with origin "http://localhost:8080" from accessing a cross-origin SON frame." – chucklai Sep 03 '19 at 12:25

1 Answers1

0

ok so you are trying to access components on iframe. If this is only working a demo/trial tool you can disable websecurity. Some hints here.

Uncaught DOMException: Blocked a frame with origin "http://localhost:8080" from accessing a cross-origin frame while listing the iframes in page

Dirty solution:

for windows:

chrome.exe --user-data-dir="" --disable-web-security for mac:

open -a Google\ Chrome --args --disable-web-security --user-data-dir="" In this way you open the chrome and let it ignore the web security.

indolentdeveloper
  • 910
  • 1
  • 7
  • 12