Accessing the document of a cross domain iframe using an extension in Chrome 45.0.2454.101

Question

I am using a content script in a Chrome extension to access a document in a cross domain iframe, using this code:

document.querySelector('iframe').contentWindow.document

This worked fine until I upgraded to the latest version of Google Chrome (45.0.2454.101 64-bit), which reports the following security error when accessing the iframe:

Uncaught SecurityError: Blocked a frame with origin
"http://www.miercn.com" from accessing a frame with origin
"http://pos.baidu.com". Protocols, domains, and ports must match.

What changed in this version of Chrome and how to resolve this problem?

My Chrome version:

Google Chrome 45.0.2454.101 (正式版本) （64 位）修订版本 3b3c00f2d95c45cca18ab944acced413fb759311-refs/branch-heads/2454@{#502} 操作系统 Mac OS X Blink 537.36 (@3b3c00f2d95c45cca18ab944acced413fb759311) JavaScript V8 4.5.103.35 Flash 19.0.0.185 用户代理 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36 命令行 /Applications/Google Chrome.app/Contents/MacOS/Google Chrome --enable-avfoundation --enable-avfoundation --flag-switches-begin --flag-switches-end

score 10 · Accepted Answer · edited May 23 '17 at 12:07

10

You will have to use cross-domain messaging via postMessage.

And in order for your content script on the main page to communicate with the content script injected into the iframe, the content script should be injected in all frames:

"content_scripts": [{
    "matches": ["<all_urls>"],
    "js": ["content.js"],
    "all_frames": true
}],

edited May 23 '17 at 12:07

Community

1
1

answered Sep 28 '15 at 08:54

wOxxOm

65,848
11
132
136

Thx, you saved my life! "all_frames" does the trick. – gignu Apr 28 '21 at 09:58

Accessing the document of a cross domain iframe using an extension in Chrome 45.0.2454.101

1 Answers1

Linked