Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement'

3
votes

i'm trying to make my own "website checker" for specific needs and i'm having problem accessing the iFrame..

Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Blocked a frame with origin "http:// checker.xcore.co.il" from accessing a frame with origin "http:// xcore.co.il". The frame requesting access set "document.domain" to "checker.xcore.co.il", but the frame being accessed did not. Both must set "document.domain" to the same value to allow access.

I must do this using iFrame because i need to access classes CSS. Click on this link, load the website and then click "fontSizeErrors" on the right and then you can see the error in the console log.

How can i pass this please?? I couldn't find anything helpful on Google..

Thanks!

1
javascriptjqueryiframe
Its called the html same origin policy. en.wikipedia.org/wiki/Same_origin_policy. Even a.example.com cannot access data from b.example.com do to security reasons. - cforcloud
you can't bypass it unless you have access to both domains and can set document.domain to match in both - charlietfl
run your script on the actual page via tampermonkey or greasmonkey instead of your own page with an iframe. - dandavis
How people make website checkers such as wave.webaim.org ? There must be a way i can pull each class's CSS - Nate

1 Answers

6
votes

That's a normal security measure used by all the browsers. You can't access elements or frames that have a different origin, that would be a huge security flaw. Hence, the browser blocks all the scripts that try to do that kind of stuff. To perform any action inside a frame its content must have the same origin.

For further information take look at this answer of mine.