UnhandledPromiseRejectionWarning: Error: Evaluation failed: DOMException: Blocked a frame with origin (URL) from accessing a cross-origin frame

Question

I'm using Puppeteer v1.5 (https://github.com/GoogleChrome/puppeteer) and I'm trying to run the following code:

'use strict';

const puppeteer = require('puppeteer');
const fs = require('fs');

const configOptions = require('./config.json');

function evaluateRules(passedRuleset) {
  var doc = window.document;
  var ruleset = OpenAjax.a11y.RulesetManager.getRuleset(passedRuleset);
  var evaluator_factory = OpenAjax.a11y.EvaluatorFactory.newInstance();
  evaluator_factory.setParameter('ruleset', ruleset);
  evaluator_factory.setFeature('eventProcessing', 'fae-util');
  evaluator_factory.setFeature('groups', 7);
  var evaluator = evaluator_factory.newEvaluator();
  var evaluation = evaluator.evaluate(doc, doc.title, doc.location.href);
  var out = evaluation.toJSON(true);
  return out;
}

(async() => {
  const browser = await puppeteer.launch();

  var numPagesEvaluated;

  for (numPagesEvaluated = 0; numPagesEvaluated < configOptions.urls.length && numPagesEvaluated < configOptions.maxPages; numPagesEvaluated++){

    const millisecondsToSeconds = 1000;

    var page = await browser.newPage();
    await page.setBypassCSP(true);

    await page.goto(configOptions.urls[numPagesEvaluated], {timeout: configOptions.wait*millisecondsToSeconds, waitUntil: 'load'});
    await page.waitFor(configOptions.delay*millisecondsToSeconds);

    if (configOptions.authentication){
      const credentialsObject = {username: configOptions.username, password: configOptions.password};
      await page.authenticate(credentialsObject);
    }

    const evaluationFileOptions = {path: './oaa_a11y_evaluation.js'};
    const ruleFileOptions = {path: './oaa_a11y_rules.js'};
    const rulesetsFileOptions = {path: './oaa_a11y_rulesets.js'};

    const evaluationFileOptionsObject = Object.create(evaluationFileOptions);
    const ruleFileOptionsObject = Object.create(ruleFileOptions);
    const rulesetsFileOptionsObject = Object.create(rulesetsFileOptions);

    await page.addScriptTag(evaluationFileOptionsObject);
    await page.addScriptTag(ruleFileOptionsObject);
    await page.addScriptTag(rulesetsFileOptionsObject);

    var results = await page.evaluate(evaluateRules, configOptions.ruleset);

    var result_index = 0;

    fs.writeFile(configOptions.outputDirectory+ "/results_" + result_index.toString() + ".json", results, function(err) {
      if(err) {
          return console.log(err);
      }

      console.log("results_" + result_index.toString() + ".json was saved!");
      result_index++;
    });

    await page.close();
  }

  await browser.close();
})();

And I get the following error:

(node:11688) UnhandledPromiseRejectionWarning: Error: Evaluation failed: DOMException: Blocked a frame with origin "http://illinois.edu" from accessing a cross-origin frame.
at OpenAjax.a11y.cache.DOMCache.updateDOMElements (./oaa_a11y_evaluation.js:13588:42)
at OpenAjax.a11y.cache.DOMCache.updateDOMElements (./oaa_a11y_evaluation.js:13607:17)
at OpenAjax.a11y.cache.DOMCache.updateDOMElements (./oaa_a11y_evaluation.js:13607:17)
at OpenAjax.a11y.cache.DOMCache.updateDOMElementCache (./oaa_a11y_evaluation.js:13437:8)
at Object.evaluate (./oaa_a11y_evaluation.js:35293:17)
at evaluateRules (<anonymous>:9:30)
at ExecutionContext.evaluateHandle (C:\Users\Mihir\testing\node_modules\puppeteer\lib\ExecutionContext.js:88:13)
at <anonymous>
at process._tickCallback (internal/process/next_tick.js:188:7)
(node:11688) UnhandledPromiseRejectionWarning: Unhandled promise rejection. 
This error originated either by throwing inside of an async function without 
a catch block, or by rejecting a promise which was not handled with .catch().     
(rejection id: 1)
(node:11688) [DEP0018] DeprecationWarning: Unhandled promise rejections are 
deprecated. In the future, promise rejections that are not handled will 
terminate the Node.js process with a non-zero exit code.

Please note that I am making use of puppeteer's byPassCSP function. It doesn't seem to be doing anything though. This is happening because of Javascript's same-origin security policy as far as I can tell. Please help. I'm also adding the config.json file below for reference:

{
    "urls": ["http://illinois.edu/"],
    "maxPages": 1,
    "wait": 30,
    "delay": 5,
    "ruleset": "ARIA_STRICT",
    "outputDirectory": ".",
    "version": "0.1",
    "authorization": false,
    "credentials": {
        "username": "",
        "password": ""
    },
    "path": "",
    "spanDomains": "",
    "includeDomains": "",
    "excludeDomains": "",
    "depth": "",
    "exportOption": "",
    "debug": ""
}

Answer 1

I figured it out. The way to fix this error is to launch Chrome in Puppeteer with the flag --disable-web-security. Look at https://github.com/GoogleChrome/puppeteer/blob/v1.7.0/docs/api.md#puppeteerlaunchoptions for more info on how to use it.

This error is caused because of a security policy called same-origin policy. But beware that this flag shouldn't be used unless you know what you are doing and it's use can be dangerous from a security standpoint.