问题描述
我正在尝试使用 Runtime.evaluate
访问跨源 iframe 的 contentDocument。据我了解的文档,这应该可以通过使用 Page.createIsolatedWorld
+ asks
[1] 创建一个具有通用访问权限的 executionContext
并将返回的 grantUniveralAccess: true
传递给 {{1 }} 为 executionContextId
。
有什么想法吗?
给定一个以 Runtime.evaluate
[2] 开始的铬工艺。
contextId
[1] 我希望通用访问允许我以与 chromium-browser --user-data-dir=/tmp/headless --remote-debugging-port=9000
标志相同的方式访问跨源资源 - 在内部 grants universal access
// See [3] for full code
const frameId = /* frameId of our page with origin localhost:9000 */
function execute(command,args) { /* ... send and receive on websocket */ }
const {executionContextId} = await execute("Page.createIsolatedWorld",{
frameId: frameId,grantUniveralAccess: true // NOT grantUniversalAccess. Typo in devtools protocol itself [4].
})
// fails with:
// Access to fetch at 'http://example.com/' from origin 'http://localhost:9000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs,set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
await execute("Runtime.evaluate",{
awaitPromise: true,expression: `fetch("http://example.com").then(r => r.text())`,contextId: executionContextId
})
// fails with:
// Uncaught DOMException: Blocked a frame with origin "http://localhost:9000" from accessing a cross-origin frame.
execute("Runtime.evaluate",expression: `
new Promise((resolve,reject) => {
const iframe = document.createElement("iframe");
iframe.src = "http://example.com"
iframe.onload = () => resolve(iframe)
iframe.onerror = reject;
document.body.append(iframe)
}).then(iframe => iframe.contentwindow.document)`,contextId: executionContextId
})
[2] 全速运行以便于调试(例如,看到完整的 cors 错误仅打印到控制台)- 使用 --disable-web-security
运行也不起作用。
[3]
if (!frame_->GetSettings()->GetWebSecurityEnabled()) {
// Web security is turned off. We should let this document access
// every other document. This is used primary by testing harnesses for
// web sites.
origin->GrantUniversalAccess();
[4] 正确的参数名称是 grantUniveralAccess(--headless
中没有 const targets = await fetch("http://localhost:9000/json").then(r => r.json());
const tab = targets.filter(t => t.type === "page")[0];
let counter = 0,commands = {};
const w = new WebSocket(tab.webSocketDebuggerUrl);
await new Promise(resolve => { w.onopen = resolve; })
w.onmessage = event => {
const json = JSON.parse(event.data)
if (commands[json.id]) commands[json.id](json);
else console.log(json); // event
}
function execute(method,params) {
return new Promise((resolve,reject) => {
const id = counter++;
commands[id] = ({result,error}) => {
console.log(method,params,result,error)
if (error) reject(error);
else resolve(result);
// delete commands[id];
};
w.send(JSON.stringify({method,id,params}));
});
}
window.execute = execute;
window.frameId = tab.id;
)。通过传递类型不正确的值(期望布尔值)轻松验证
s
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)