Cannot access local resources using an iframe injected from my Chrome extension

[Tamar Yankelevich]

I am new to chrome extensions and would like some help.

I want to style the font of an iframe that I inject from my chrome extension.

As a first step, I tried to add a link to Google Fonts in the iframe's head tag:

 <link href="https://fonts.googleapis.com/css?family=Open+Sans:400,600,300" rel="stylesheet" type="text/css">

 

But got the following error:

 Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Open+Sans:400,600,300' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' https://app.getbeamer.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

 

I tried adding CSP to the meta tag/to the manifest file, but it did not help,

So, I wanted to host google fonts locally.

 

I downloaded the required files from here, and import font-face with src url to those files, e.g:

 

 

/* open-sans-regular - latin */

@font-face {

  font-family: 'Open Sans';

  font-style: normal;

  font-weight: 400;

  src: local(''),

       url('chrome-extension://extension_id/../fonts/open-sans-v29-latin-                     regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */

       url('chrome-extension://extension_id/../fonts/open-sans-v29-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */

}

I also included those files in the web_accessible_resources section in my manifest.json.

 

None of these attempts helped me import the fonts file properly.

I get the following err in the console:

Failed to load resource: net::ERR_FAILED

And of course, the font is not displaying as expected.

I searched for articles related to Chrome extensions and iframes, but couldn't find a viable workaround solution.

Any help will be appreciated!

I create the Iframe like this:

  const frame = document.createElement('iframe');

 

      frame.srcdoc = `

            <!doctype html>

            <html>

            <head>    

                <style>

/* open-sans-regular - latin */

@font-face {

  font-family: 'Open Sans';

  font-style: normal;

  font-weight: 400;

  src: local(''),

       url('chrome-extension://extension_id/../fonts/open-sans-v29-latin-                     regular.woff2') format('woff2'), /* Chrome 26+, Opera 23+, Firefox 39+ */

       url('chrome-extension://extension_id/../fonts/open-sans-v29-latin-regular.woff') format('woff'); /* Chrome 6+, Firefox 3.6+, IE 9+, Safari 5.1+ */

}

 

                    .example{

                        font-family: 'Open Sans';

                    }

                </style>

            </head>

            <body>

                <div class="example">

                    an example

                </div>

            </body>

        `;

[wOxxOm]

Using `srcdoc` is the wrong method of creating the iframe because its effective URL origin will be null, not your extension's origin, which in turn triggers a bug in ManifestV3: https://crbug.com/1219825.

You should use `src` pointing to an html file inside your extension as shown in examples e.g. iframeElem.src = chrome.runtime.getURL('iframe.html').

To pass the data you can use postMessage into iframeElem.contentWindow when the iframe loads or just append the data (if it's simple) to the file name above e.g. 'iframe.html?' + new URLSearchParams({foo: 'bar'})

Also make sure to replace extension_id in CSS files with __MSG_@@extension_id__ as shown in i18n documentation. Note that this trick doesn't work inside html files, so you'll need to use chrome.runtime.getURL inside js.

[Tamar Y]

Thank you so much for answering!

I'm trying to replace my iframe to use 'src'

But get-

This page has been blocked by Chrome error, and  can't see my iframe.

Here is my code- (content_script.js)

        const frame = document.createElement('iframe');

        frame.setAttribute('id', my_id);

        frame.src = chrome.runtime.getURL('iframe.html');

        frame.style.cssText = `

            margin: 0;

            padding: 0;

            display: block;

            position: fixed;

            z-index: 2147483647 !important;

            left: 0;

            top: 0;

            right: 0;

            bottom: 0;

            width: 100%;

            height: 100%;

            overflow: auto !important;

            background-color: rgba(0, 0, 0, 1);

            border: none;

        `;

        const maindiv = document.createElement('div');

        let shadowParent = maindiv.attachShadow({ mode: 'closed' });

        shadowParent.appendChild(iframe);

        document.body.insertBefore(maindiv, document.body.firstChild);

manifest.json:

{

  "manifest_version": 2,

  "name": "my_name",

  "version": "1.0.0",

  "browser_action": {

    "default_popup": "popup/popup.html"

  },

  "content_scripts": [

    {

      "all_frames": false,

      "run_at": "document_start",

      "matches": [

        "<all_urls>"

      ],

      "js": [

        "js/content_script.js"

      ]

    }

  ],

  "content_security_policy":"script-src 'self' https://www.gstatic.com/ https://*.firebaseio.com https://www.googleapis.com; object-src 'self'",

  "background": {

    "scripts": [

      "js/background.js"

    ],

    "persistent": false,

    "all_frames":true,

    "web_accessible_resources": [

      "iframe.html"

    ]

  },

  "permissions": [

    "activeTab",

    "<all_urls>",

    "storage",

    "tabs",

    "webNavigation",

    "alarms",

    "notifications",

    "nativeMessaging",

    "downloads"  ]

}

What am I doing wrong? 

And besides, Can I add a link to google fonts as I wanted before, by this way? (and not to use @font-face)

Thanks in advance.

ב-יום שני, 20 ביוני 2022 בשעה 15:08:11 UTC+3, wOxxOm כתב/ה:

[india pariksha]

sarkari result and sarkari exam