帧间SOP - Chrome扩展 [英] Inter frame SOP - Chrome Extension

问题描述

一个错误偶尔会跳出来，并且不会阻止它正常工作。

这是作为内容脚本运行的。我相信权限不是问题，因为当缺少权限时，错误是不同的，Chrome的操作被阻止，绝对不是这种情况。

错误出现在这一行：

  encodeURIComponent（$ canvas.find（'iframe'）。contents （）.find（ '主体'）的文本（））。 
  

其中

  var $ canvas = $（'＃canvas_frame'）。contents（）; 
  

有关此错误和可能的周转的任何信息？

解决方案

您无法使用JavaScript阅读跨网站内容。 Google Chorme的XSS审计员绝不会允许这样做。

请查看 http://en.wikipedia.org/wiki/Same_origin_policy

更新1 -

支持在Chrome 2+中使用window.postMessage（）进行跨站点通信。请查看此文档 https://developer.mozilla.org /en-US/docs/DOM/window.postMessage

In a Chrome Extension, I'm trying to get gmail compose body content.

An error jumps out sporadically, and does not prevents it from working.

This is being run as a content script. I believe permissions are not the issue here, because when there is a permission missing, the error is different and the operation is blocked by Chrome, definitely not the case.

Error comes out in this line:

encodeURIComponent($canvas.find('iframe').contents().find('body').text());

where

var $canvas = $('#canvas_frame').contents();

Any information on this error and a possible turnaround?

解决方案

You can not read cross site content using javascript. XSS Auditor of Google Chorme will never allow this.

Please have a look at http://en.wikipedia.org/wiki/Same_origin_policy

UPDATE 1 -

There is support for cross site communication using window.postMessage() in Chrome 2+. Please have a look at this documentation https://developer.mozilla.org/en-US/docs/DOM/window.postMessage

这篇关于帧间SOP - Chrome扩展的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！