• <i id='eo7DQ'><tr id='eo7DQ'><dt id='eo7DQ'><q id='eo7DQ'><span id='eo7DQ'><b id='eo7DQ'><form id='eo7DQ'><ins id='eo7DQ'></ins><ul id='eo7DQ'></ul><sub id='eo7DQ'></sub></form><legend id='eo7DQ'></legend><bdo id='eo7DQ'><pre id='eo7DQ'><center id='eo7DQ'></center></pre></bdo></b><th id='eo7DQ'></th></span></q></dt></tr></i><div id='eo7DQ'><tfoot id='eo7DQ'></tfoot><dl id='eo7DQ'><fieldset id='eo7DQ'></fieldset></dl></div>
      <tfoot id='eo7DQ'></tfoot>
      • <bdo id='eo7DQ'></bdo><ul id='eo7DQ'></ul>

      <small id='eo7DQ'></small><noframes id='eo7DQ'>

    1. <legend id='eo7DQ'><style id='eo7DQ'><dir id='eo7DQ'><q id='eo7DQ'></q></dir></style></legend>

        Chrome 扩展:不安全的 JavaScript 尝试使用 URL 访问框架 域、协议和端口必须匹配

        Chrome Extension: Unsafe JavaScript attempt to access frame with URL Domains, protocols and ports must match(Chrome 扩展:不安全的 JavaScript 尝试使用 URL 访问框架 域、协议和端口必须匹配)
            <tfoot id='P5CZv'></tfoot>

                  <bdo id='P5CZv'></bdo><ul id='P5CZv'></ul>

                  <legend id='P5CZv'><style id='P5CZv'><dir id='P5CZv'><q id='P5CZv'></q></dir></style></legend>

                    <tbody id='P5CZv'></tbody>

                  <small id='P5CZv'></small><noframes id='P5CZv'>

                  <i id='P5CZv'><tr id='P5CZv'><dt id='P5CZv'><q id='P5CZv'><span id='P5CZv'><b id='P5CZv'><form id='P5CZv'><ins id='P5CZv'></ins><ul id='P5CZv'></ul><sub id='P5CZv'></sub></form><legend id='P5CZv'></legend><bdo id='P5CZv'><pre id='P5CZv'><center id='P5CZv'></center></pre></bdo></b><th id='P5CZv'></th></span></q></dt></tr></i><div id='P5CZv'><tfoot id='P5CZv'></tfoot><dl id='P5CZv'><fieldset id='P5CZv'></fieldset></dl></div>

                  本文介绍了Chrome 扩展:不安全的 JavaScript 尝试使用 URL 访问框架 域、协议和端口必须匹配的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  此答案指定说明如何访问 gmail.com 上所有 iframe 的内容 https://stackoverflow.com/a/9439525/222236

                  This answer specifies explains how to access the content of all iframes on gmail.com https://stackoverflow.com/a/9439525/222236

                  但是在 mail.google.com 上它会抛出这个错误:

                  But on mail.google.com it throws this error:

                  Unsafe JavaScript attempt to access frame with URL https://plus.google.com/u/0/_/... from frame with URL https://mail.google.com/mail/u/0/#inbox. Domains, protocols and ports must match.
                  

                  我尝试将 *://plus.google.com/* 添加到扩展程序清单的匹配项中,但没有帮助.

                  I tried adding *://plus.google.com/* to the matches of the manifest of the extension, but it didn't help.

                  更新:在访问内容之前检查 url 有效,但目前我的逻辑非常粗略,因为它只检查 google plus:

                  Update: Checking for the url before accessing the content works, but my logic is very crude at the moment as it only checks for google plus:

                          if(-1==iframes[i].src.indexOf('plus.google.com')) {
                              contentDocument = iframes[i].contentDocument;
                              if (contentDocument && !contentDocument.rweventsadded73212312) {
                                  // add poller to the new iframe
                                  checkForNewIframe(iframes[i].contentDocument);
                              }
                          }
                  

                  推荐答案

                  由于同源导致访问被阻止政策.
                  避免错误的正确方法是排除来自不同来源的帧.你的逻辑确实很粗糙.它不专门查看主机名,也不考虑其他域.
                  反转逻辑以获得稳健的解决方案:

                  Access is blocked due to the same origin policy.
                  The right way to avoid the error is to exclude the frames from a different origin. Your logic is very crude indeed. It does not specifically look in the host name, and it doesn't account for other domains.
                  Invert the logic to have a robust solution:

                  if (iframes[i].src.indexOf(location.protocol + '//' + location.host) == 0 ||
                      iframes[i].src.indexOf('about:blank') == 0 || iframes[i].src == '') {
                  

                  这个白名单的解释:

                  • protocol://host/ = https://mail.google.com.
                    显然,必须允许当前主机
                  • about:blank 和一个空字符串
                    这些框架由 GMail 动态创建和编写脚本.
                  • protocol://host/ = https://mail.google.com.
                    Obviously, the current host has to be allowed
                  • about:blank and an empty string
                    These frames are dynamically created and scripted by GMail.

                  这篇关于Chrome 扩展:不安全的 JavaScript 尝试使用 URL 访问框架 域、协议和端口必须匹配的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

                  相关文档推荐

                  Gradient Button to background-color blinks on hover(悬停时背景颜色的渐变按钮闪烁)
                  How to make hovering over active button not use hover effect?(如何使悬停在活动按钮上不使用悬停效果?)
                  html javascript show image hover(html javascript 显示图像悬停)
                  How to get css hover values on click?(如何在点击时获得 css 悬停值?)
                  Change background image on link hover(更改链接悬停时的背景图像)
                  Highlight multiple items on hover#39;s condition(突出显示悬停条件下的多个项目)
                    <tbody id='nhJsB'></tbody>

                  <small id='nhJsB'></small><noframes id='nhJsB'>

                  <tfoot id='nhJsB'></tfoot>

                          <bdo id='nhJsB'></bdo><ul id='nhJsB'></ul>
                        • <legend id='nhJsB'><style id='nhJsB'><dir id='nhJsB'><q id='nhJsB'></q></dir></style></legend>
                            <i id='nhJsB'><tr id='nhJsB'><dt id='nhJsB'><q id='nhJsB'><span id='nhJsB'><b id='nhJsB'><form id='nhJsB'><ins id='nhJsB'></ins><ul id='nhJsB'></ul><sub id='nhJsB'></sub></form><legend id='nhJsB'></legend><bdo id='nhJsB'><pre id='nhJsB'><center id='nhJsB'></center></pre></bdo></b><th id='nhJsB'></th></span></q></dt></tr></i><div id='nhJsB'><tfoot id='nhJsB'></tfoot><dl id='nhJsB'><fieldset id='nhJsB'></fieldset></dl></div>