Blocked a frame with origin: XXX from accessing cross origin frame #2784
Comments
|
Hmm I pretty much use electron only and also the tests on CI use electron so cannot be recent chrome change
…Sent from my iPhone
On Nov 14, 2018, at 19:37, Brian Mann ***@***.***> wrote:
This is happening when the current subject is <window>, there is a cross origin iframe within the application under test, and there is an assertion off of a parent command like:
cy.get('a').should('be.visible')
Why? Because apparently accessing window[0] now returns the cross origin window. I can't find where in the spec it defines this behavior, and perhaps this is a recent change to chrome?
At any rate, this is happening because we have some naive internal checks to determine whether a value is an element, the document, or the window.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
brian-mann
added a commit
that referenced
this issue
Nov 15, 2018
…ring value and subject -this prevents a situation where we accidentally iterate through a cross origin <window> object and cause cross origin issues
|
@bahmutov that's true, didn't think to test in electron, smh - oh well its fixed now |
|
Even that test that was causing problems in blog cypress.io?! If you remove “.first()”
…Sent from my iPhone
On Nov 14, 2018, at 20:13, Brian Mann ***@***.***> wrote:
@bahmutov that's true, didn't think to test in electron, smh - oh well its fixed now
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
Oh I see the PR now! Great catch
…Sent from my iPhone
On Nov 14, 2018, at 20:13, Brian Mann ***@***.***> wrote:
@bahmutov that's true, didn't think to test in electron, smh - oh well its fixed now
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
brian-mann
added a commit
that referenced
this issue
Nov 16, 2018
* synchronize lodash versions * start driver test server on 3500 + 3501 the same way * fixes #2784, short circuit checks to discover the DOM type when comparing value and subject -this prevents a situation where we accidentally iterate through a cross origin <window> object and cause cross origin issues * fix functions not being invoked with value * skip bad jira test derp
|
Released in |
|
Switched from chrome to electron and my error went away. Glad there was a solution to this. Thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is happening when the current subject is
<window>, there is a cross origin iframe within the application under test, and there is an assertion off of a parent command like:Why? Because apparently accessing
window[0]now returns the cross originwindow. I can't find where in the spec it defines this behavior, and perhaps this is a recent change to chrome?At any rate, this is happening because we have some naive internal checks to determine whether a value is an element, the document, or the window.
The text was updated successfully, but these errors were encountered: