Home/ Questions/Q 8267865
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T05:41:14+00:00

This answer specifies explains how to access the content of all iframes on gmail.com

  • 0

This answer specifies explains how to access the content of all iframes on gmail.com https://stackoverflow.com/a/9439525/222236

But on mail.google.com it throws this error:

Unsafe JavaScript attempt to access frame with URL https://plus.google.com/u/0/_/... from frame with URL https://mail.google.com/mail/u/0/#inbox. Domains, protocols and ports must match.

I tried adding *://plus.google.com/* to the matches of the manifest of the extension, but it didn’t help.

Update: Checking for the url before accessing the content works, but my logic is very crude at the moment as it only checks for google plus: 

        if(-1==iframes[i].src.indexOf('plus.google.com')) {
            contentDocument = iframes[i].contentDocument;
            if (contentDocument && !contentDocument.rweventsadded73212312) {
                // add poller to the new iframe
                checkForNewIframe(iframes[i].contentDocument);
            }
        }
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Access is blocked due to the same origin policy.
    The right way to avoid the error is to exclude the frames from a different origin. Your logic is very crude indeed. It does not specifically look in the host name, and it doesn’t account for other domains.
    Invert the logic to have a robust solution:

    if (iframes[i].src.indexOf(location.protocol + '//' + location.host) == 0 ||
    iframes[i].src.indexOf('about:blank') == 0 || iframes[i].src == '') {

    Explanation of this white list:

    • protocol://host/ = https://mail.google.com.
      Obviously, the current host has to be allowed
    • about:blank and an empty string
      These frames are dynamically created and scripted by GMail.
    • 0