添加链接 注册    登录
link管理
链接快照平台
  • 输入网页链接,自动生成快照
  • 标签化管理网页链接
相关文章推荐
长情的椅子  ·  Troubleshooting: ...·  3 周前    · 
聪明伶俐的电影票  ·  如何在node.js中将JSON属性数组转换 ...·  1 月前    · 
不羁的仙人掌  ·  《绣春刀2》投资方嘉映影业携手陈可辛李樯闯关IPO·  1 月前    · 
重情义的豌豆  ·  泰迪熊耳机-泰迪熊耳机促销价格、泰迪熊耳机品 ...·  3 月前    · 
率性的红酒  ·  EdgeIE浏览器插件:全面攻略与常见问题解决指南·  4 月前    · 
link管理  ›  CSP Issue attempting to access an iframe from a different origin: "Blocked a frame with origin from
csp iframe
https://community.grafana.com/t/csp-issue-attempting-to-access-an-iframe-from-a-different-origin-blocked-a-frame-with-origin-from-accessing-a-cross-origin-frame/101551
刀枪不入的小蝌蚪
4 周前
Hi @minhhd , Welcome to the forum. Could you share your test script? It looks like the website under test is trying to access an iframe from a different origin, and it might be best to resolve that issue. We do provide a workaround which should work if you add bypassCSP: true when creating a newContext: const context = browser.newContext({ bypassCSP: true Cheers, Ankur

However, am I correct in assuming that this code no longer works since k6 v0.46? 

const context = browser.newContext({
  bypassCSP: true

From:


" * Browser options can now only be set using environment variables."


I searched for a relevant env variable but couldn’t fine one in the docs


Currently I get the following error


Blocked a frame with origin "https://mydomain.com" from accessing a cross-origin frame.

The code I’m attempting to execute is identical to the previous thread:


  console.log(page.evaluate(() => {
    return document.querySelector('iframe').contentWindow.document.getElementsByTagName('span')[0].innerText
              
Hello @colm3,


The code you provided remains functional in k6 v0.46. The bypassCSP setting belongs to the browserContext options, as outlined in the browserContext documentation, rather than being a browser module option. You can continue configuring it as you have before without necessitating the use of environment variables.


Kindly produce a test script that reproduces the issue, letting us offer assistance.


Thanks.

              
The “Blocked a frame with origin from accessing a cross-origin frame” error is triggered by the Same-Origin Policy in web browsers, which prevents scripts in one frame from directly accessing content in a frame from a different origin due to security concerns. To address this issue, you should employ cross-origin communication techniques such as postMessage() for controlled messaging between frames, configure Cross-Origin Resource Sharing (CORS) headers when controlling both source and destination servers, or use JSONP for data retrieval. Verify proper URL configuration, consider server-side solutions, and adhere to browser extension policies. These measures ensure secure and legitimate interactions between frames without violating the security constraints imposed by the Same-Origin Policy.

              
Hi @inancgumus


Here’s an example to reproduce the problem:

I’ve setup a tmp instance of a Braintree credit card form here:

https://k6csp.guruslabs.com/btree/


Here’s the sample k6 browser test I created
 
推荐文章
长情的椅子  ·  Troubleshooting: Content is not allowed in prolog | MiniWiki
3 周前
聪明伶俐的电影票  ·  如何在node.js中将JSON属性数组转换为字符串数组对象? - 腾讯云开发者社区 - 腾讯云
1 月前
不羁的仙人掌  ·  《绣春刀2》投资方嘉映影业携手陈可辛李樯闯关IPO
1 月前
重情义的豌豆  ·  泰迪熊耳机-泰迪熊耳机促销价格、泰迪熊耳机品牌 - 淘宝
3 月前
率性的红酒  ·  EdgeIE浏览器插件:全面攻略与常见问题解决指南
4 月前
Link管理   ·   51好读   ·   Sov5搜索   ·   小百科
link管理 - 链接快照平台