Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

iFrame interaction issues

See original GitHub issue

Current behavior:

I’m trying to interact with cross-origin iframe present on the website. In my test, when i don’t have “chromeWebSecurity”: false parameter set, all steps before the iframe interaction are passing and the interaction is not working (currently known issue).

But when i set the “chromeWebSecurity”: false parameter in cypress.json my test start to fail on earlier steps like asserts, getting elements etc. and i can’t even get to iframe interaction part.

As i’ve found in console, i’ve got error, like this:

Refused to display ‘https://myurl.com/some_id’ in a frame because it set ‘X-Frame-Options’ to ‘sameorigin’

When the option isn’t added in cypress.json i don’t have such issues and all previous steps are working.

Desired behavior:

I can interact with iFrame after adding “chromeWebSecurity”: false (as suggested in discussions about iframes)

Steps to reproduce:

Add “chromeWebSecurity”: false to cypress.json and try to proceed to iframe and interact with it. check the same without setting this parameter to false

Versions

Cypress 2.1.0, Chrome66, Electron59

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Reactions:7
  • Comments:28 (5 by maintainers)

github_iconTop GitHub Comments

19reactions
itaykotler-fundboxcommented, Jun 6, 2018

@oiurch - I have found a way to bypass the iframe issues. Works with the latest Chrome verision 67.0.3396.62

In my plugins/index.js file I have added the following:

module.exports = (on, config) => {
  on("before:browser:launch", (browser = {}, args) => {
    if (browser.name === "chrome") {
      args.push("--disable-features=CrossSiteDocumentBlockingIfIsolating,CrossSiteDocumentBlockingAlways,IsolateOrigins,site-per-process");
      args.push("--load-extension=cypress/extensions/Ignore-X-Frame-headers_v1.1");
      return args;
    }
  });
};

You can download the extension from here. Just copy-paste this and unpack it to your extension folder. You can find more details about the disabled flags here. Good luck

2reactions
JasonFairchildcommented, Mar 13, 2020

I got a nice error message in cypress about this anyway, but I though I would add a comment to hopefully help some avoid confusion. There is some syntax that is out of date in all the previous code examples. The changes should all be updated in this document: https://docs.cypress.io/api/plugins/browser-launch-api.html#Modify-browser-launch-arguments-preferences-and-extensions and here https://docs.cypress.io/guides/references/migration-guide.html#Plugin-Event-before-browser-launch

But for this specific extension, this has been working for me (I don’t think you have to provide the path to the extension, as it talks about in the docs, if you pack and unpack it in the default folder for extensions for cypress?):

  on("before:browser:launch", (browser, launchOptions) => {
    if (browser.name === "chrome") {
      launchOptions.args.push(
        "--disable-features=CrossSiteDocumentBlockingIfIsolating,CrossSiteDocumentBlockingAlways,IsolateOrigins,site-per-process"
      );
      launchOptions.args.push(
        "--load-extension=cypress/extensions/Ignore-X-Frame-headers_v1.1"
      );
      return launchOptions;
    }
  });
Read more comments on GitHub >

github_iconTop Results From Across the Web

Iframes are just terrible. Here's how they could be better.
There are big problems, though · They have a terrible reputation; historically they've been used pretty much exclusively for advertizing and ...
Read more >
Why developers hate iframes? [duplicate] - Stack Overflow
While working with web developers, I always hear from them that using iframes is something we must avoid as we can, and some...
Read more >
The ultimate guide to iframes - LogRocket Blog
When you are using an iframe, you are mostly dealing with content coming from a third party over which you have no control....
Read more >
Mo' iFrames Mo' Problems - Goldsmith Interactive
If you've got iFrames, you've got problems. And if you need to track that iFrame, you need to admit your problem before you...
Read more >
5 reasons to better not use iframe integration in your website
With an iframe integration, your users are eventually facing a couple of usability issues. The content, displayed in the iframe, could break (as ......
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Support video capture in browsers other than headless electron

Next page

Can't log in to app under test