So I have been testing a website using Selenium, specifically a page with a credit card form embedded in an iframe. I want to access the content of said iframe but due to CORS I get the error message:
Uncaught DOMException: Blocked a frame with origin "<url>" from accessing a cross-origin frame.
I made a quick google search and realized you can bypass CORS using the "--disable-web-security" flag, so my code now looks like the following:
options = webdriver.ChromeOptions()
options.add_argument("--disable-web-security")
self.driver = webdriver.Chrome(os.getenv("CHROME_DRIVER"), options=options)
Surprisingly, the CORS exception keeps on popping and I'm currently stuck on how to go from here. I really do have to access the iframe's content, there isn't a workaround for this.
Since I was confused as to why this didn't work, I replicated the problem with another website, in this case Amazon, which functions similarly (credit card form embedded in an iframe). I ran the code with web security enabled and I get the same CORS error, as expected. But then I disable web security, exactly as mentioned before, and it works! I can now access the iframe.
I also downgraded to an older version of Chrome (86) from the current most stable (88) and nothing happens again. I'm using Ubuntu 20.04.
So now I'm wondering - why isn't the flag working for the first scenario I mentioned? Is there a chance the first website is forcing the browser's web security or something related? I'm not an expert in web development so any input on this would be valuable.
