Iframe sandboxing with 'allow-same-origin'

2019-06-16 17:18发布

Can someone please provide me more information on this error and how 'allow-same-origin' flag works? I am getting following error in Chrome for iframe Sandboxing:

Uncaught SecurityError: Failed to read the 'contentDocument' property from 'HTMLIFrameElement': Sandbox access violation: Blocked a frame at "http://192.168.0.169" from accessing a frame at "http://192.168.0.169". The frame being accessed is sandboxed and lacks the "allow-same-origin" flag.

I am little confused as why I would need 'allow-same-origin' flag when frame from 192.168.0.169 is accessing another frame from same ip address. Thank you very much.

1条回答
Lonely孤独者°
2楼-- · 2019-06-16 17:50

You probably have a sandbox attribute in your iframe:

The sandbox attribute enables an extra set of restrictions for the content in the iframe, and it is a whitelist of enabled permissions,

so You could either remove the attribute, or edit it to fit the permissions You need.

optional permissions could be found here: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe

and some more info here: http://www.html5rocks.com/en/tutorials/security/sandboxed-iframes/

查看更多
登录 后发表回答