Reputation: 342
Browser without cross origin policy to access iframes
I know iterations of this question have been answered a lot, but I couldn't find a valid answer among them
I have an iframe and I want to play with it using javascript to test stuff. It's for personal testing only, I don't want it public.
I want a browser that allows me to do this without getting "Uncaught DOMException: Blocked a frame with origin X from accessing a cross-origin frame.
I've tried:
- to open chrome with "C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir=~/chromeTemp
- to disable all security in Firefox
- to install CORS disabling plugins.
For some reason, the browsers still throw that error.
I know I can write a script in another environment like node to load and manipulate the page, but I want to do it in a browser
So is there a browser that has no cross-domain security, or no security at all, but supports html5 for test purposes?
Upvotes: 4
Views: 3193
Answers (1)
Reputation: 3521
In recent versions of Chrome (77+), in addition to --disable-web-security, you've have to add the --disable-site-isolation-trials flag to access cross origin frames.
The command line to start Chrome will be something like
chrome.exe --disable-web-security --user-data-dir="C:\Users\Administrator\chrome-profile" --disable-site-isolation-trials
Source: https://www.chromium.org/Home/chromium-security/site-isolation
Upvotes: 4
Related Questions
- Access-Control-Allow-Origin not working for iframe within the same domain
- How to use JavaScript to access cross domain iFrame content?
- javascript - bypassing iframe cross domain security
- js cross-domain to iframe
- Cross-domain JavaScript iFrame-parent access blocked
- iframe cross-domain access
- Cross-domain javascript on an iframe without access to the target iframe?
- Accessing iframe elements across different domains
- crossdomain iframe handling
- Work around for iFrame cross domain policy?