2

I'm creating a chrome extension to compliment my webapp. Long story short, it creates an iframe within a content-script that hosts a site I've created previously. The iframe is loaded locally with the chrome extension.

The reason it's an iframe is because as opposed to making a pop-up with a browser-action I am trying to make it look like panel/modal within gmail. Here's an example of what it looks like

enter image description here

Now to the actual issue, I'm trying to execute an action within the iframe that operates on the iframe's parent window. for example window.parent.someMethod(). However every time I attempt that I get this error:

Uncaught DOMException: Blocked a frame with origin 
"chrome-extension://dcihnokebmondckijoccdhbhcpkonfid" from accessing a
cross-origin frame.(anonymous function)

I know this has to do with the security baked into chrome-extensions and in attempt to alleviate the issue I've set my content_security_policy inside the manifest to script-src 'self' 'unsafe-eval'; object-src 'self';. This did not solve my issue.

In summary: I'm looking for a solution inside of the chrome extension api to allow my iframe to access it's parents window.

Spittal
  • 779
  • 2
  • 12
  • 23

1 Answers1

0

You can't, to the best of my knowledge.

You should instead message the content script in the tab to do something for you.

Xan
  • 74,770
  • 16
  • 179
  • 206
  • Hey thanks for the suggestion. I've implemented `chrome.runtime.sendMessage({greeting: "hello"});` in my iframe and `chrome.runtime.onMessage.addListener( function(request, sender, sendResponse) { console.log(sender.tab ? "from a content script:" + sender.tab.url : "from the extension"); } );` in my extension. Still doesn't seem to work any ideas? – Spittal May 05 '15 at 19:03
  • Thanks, will look into now. – Spittal May 05 '15 at 19:05
  • should I be using `chrome.tabs.sendMessage()` – Spittal May 05 '15 at 19:06
  • Maybe it's best to ask a separate question. I would suggest you try to fix it yourself though. – Xan May 05 '15 at 19:07
  • No it's true, I get caught up in "I don't want to read the docs" mentality. Which is bad. Thanks for the help, you've pointed me in the right direction. – Spittal May 05 '15 at 19:10