Unable to access cross domain iframes when not headless

[tshmit]

After updating to v1.20 I'm unable to access iframes from a foreign domain with headless: false.

Here's a page with 4 iframes, 3 of which are cross domain:

<html>
<body>
<iframe src="https://en.wikipedia.org/wiki/IFrame"></iframe>
<iframe src="http://example.com/"></iframe>
<iframe srcdoc="<p>Frame [2]</p>"></iframe>
<iframe src="http://www.htmlhelp.com/reference/html40/special/iframe.html"></iframe>
</body>
</html>

And some code that tries to access the frames:

const puppeteer = require('puppeteer');
(async () => {
    const browser = await puppeteer.launch({ headless: false });
    const [page] = await browser.pages();
    await page.goto('http://localhost: ... ');

    console.log('childFrames count:', page.mainFrame().childFrames().length);
    console.log('pageFrames count:', page.frames().length);

    const iframeHandles = await page.$$('iframe');

    console.log('contentFrame[0] is valid:', await iframeHandles[0].contentFrame() !== null);
    console.log('contentFrame[2] is valid:', await iframeHandles[2].contentFrame() !== null);

    await browser.close();
})();

Output with headless false:

childFrames count: 1
pageFrames count: 2
contentFrame[0] is valid: false
contentFrame[2] is valid: true

Output with headless true:

childFrames count: 4
pageFrames count: 9
contentFrame[0] is valid: true
contentFrame[2] is valid: true

What is the expected result?
I'd expect to be able to access cross domain iframes whether running headless or not (this was the case as of ~v1.15) Am I missing something?

[taeyoung4808]

same problem here !

[hi-ogawa]

It seems some workaround is already discussed here #2548 (comment) and it worked for me.

[tshmit]

Thanks for your reply, @hi-ogawa.
You're right --disable-features=site-per-process does seem to fix the problem.

I'm perplexed as to why my code ran without flag until updating to 1.20, but that's ok, I'll take it! :-)

[jiriyao]

--disable-features=site-per-process does seem to fix the problem.
but my chormium is crashed by add this item when handless is false

[ClockRide]

Doesn't work for me. It's fucking disgusting!

[flashjames]

The correct args are:

await puppeteer.launch({headless: headless, devtools: true, args: ['--disable-web-security', '--disable-features=IsolateOrigins', ' --disable-site-isolation-trials']});

But puppeteer kept crashing.

The reason was that I used an old puppeteer version, puppeteer 1.8.0.
After upgrading to puppeteer@8.0.0, it works.

You can check that isolation is disabled in:
chrome://process-internals

Suggested in https://stackoverflow.com/a/51320323/337587

More information on the flag: https://www.chromium.org/Home/chromium-security/site-isolation

@tshmit I suggest you close this issue, since it fixed in some version since you had the problem.

[8m0]

You don't even understand how sexy you are

The correct args are:

[stale]

We're marking this issue as unconfirmed because it has not had recent activity and we weren't able to confirm it yet. It will be closed if no further activity occurs within the next 30 days.

[stale]

We are closing this issue. If the issue still persists in the latest version of Puppeteer, please reopen the issue and update the description. We will try our best to accomodate it!

[TheGP]

According to ChatGPT and my testing, this is what actually works:

.\chrome.exe --disable-site-isolation-trials

Then, when you go to chrome://process-internals/#site-isolation you will see Site Isolation mode: Disabled. Yay!