Acess cross origin iframe content loaded on background page

1,383 views
Skip to first unread message

GMathew

unread,
Jul 17, 2017, 12:02:17 PM7/17/17
to Chromium-Extensions-Announce
I have seen this question come up a lot of times in this group and stackoverflow but I havent so far found a solution and just digging around for few days.

My requirement is I create a third party iframe and scrape some html content from it. But I get cross origin error when accessing it. Is this possible ? I see an extension that is doing this but is minified so cant figure out how it is done. I see solutions to use xmlhttp request and append content somewhere but it doesn't provide me all content that is loaded via ajax on page.  Also saw some suggestions about using PostMessage, but its a third party iframe where I dont have access to code so how do I send it a PostMessage ?

I will really appreciate any direction on this issue.

Thanks
George


PhistucK

unread,
Jul 17, 2017, 12:07:28 PM7/17/17
to GMathew, Chromium-Extensions-Announce
I think you can use executeScript (or a content script) in order to run code within the iFrame (in the world of the extension, but, still, you can access the DOM or, by injecting a <script>, the globals as well). From there on, you use postMessage/sendMessage as usual.


PhistucK

--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
To post to this group, send email to chromium-extensions@chromium.org.
Visit this group at https://groups.google.com/a/chromium.org/group/chromium-extensions/.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/b6786ae7-ada9-49d9-8eee-02014abd03d2%40chromium.org.
For more options, visit https://groups.google.com/a/chromium.org/d/optout.

GMathew

unread,
Jul 17, 2017, 1:01:35 PM7/17/17
to Chromium-Extensions-Announce
Thanks a lot for getting back as I am struggling with this.

Will this be possible even if iframe is appended from background.js to  background page and its not actually a tab? I see content script executed on tabs but not on iframe that is loaded inside extension background page. 

Also I am a really newbie to extensions, can you explain if passing something like document.getElementByID().value work to fetch items from iframe ?


On Monday, July 17, 2017 at 12:07:28 PM UTC-4, PhistucK wrote:
I think you can use executeScript (or a content script) in order to run code within the iFrame (in the world of the extension, but, still, you can access the DOM or, by injecting a <script>, the globals as well). From there on, you use postMessage/sendMessage as usual.


PhistucK

On Mon, Jul 17, 2017 at 7:02 PM, GMathew <sonesh...@gmail.com> wrote:
I have seen this question come up a lot of times in this group and stackoverflow but I havent so far found a solution and just digging around for few days.

My requirement is I create a third party iframe and scrape some html content from it. But I get cross origin error when accessing it. Is this possible ? I see an extension that is doing this but is minified so cant figure out how it is done. I see solutions to use xmlhttp request and append content somewhere but it doesn't provide me all content that is loaded via ajax on page.  Also saw some suggestions about using PostMessage, but its a third party iframe where I dont have access to code so how do I send it a PostMessage ?

I will really appreciate any direction on this issue.

Thanks
George


--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
To post to this group, send email to chromium-...@chromium.org.

PhistucK

unread,
Jul 17, 2017, 1:13:12 PM7/17/17
to GMathew, Chromium-Extensions-Announce
You cannot pass a function, you can pass an object or a string and in the worst case, run code string using eval().
It is better to pass an action ({action: "get-value-of-button"}) and have a switch/case for each action in the content script itself and run whatever your want right in there and respond with the value (if the value is acquired asynchronously, I think you need to return false within the onMessage listener, if you are using chrome.runtime.onMessage, otherwise your response will be lost).

Content scripts, by default, do not run in frames at all. You must specify all_frames: true in the definition of your content script.
I believe content scripts run on more than just tabs.


PhistucK

On Mon, Jul 17, 2017 at 8:01 PM, GMathew <sonesh...@gmail.com> wrote:
Thanks a lot for getting back as I am struggling with this.

Will this be possible even if iframe is appended from background.js to  background page and its not actually a tab? I see content script executed on tabs but not on iframe that is loaded inside extension background page. 

Also I am a really newbie to extensions, can you explain if passing something like document.getElementByID().value work to fetch items from iframe ?

On Monday, July 17, 2017 at 12:07:28 PM UTC-4, PhistucK wrote:
I think you can use executeScript (or a content script) in order to run code within the iFrame (in the world of the extension, but, still, you can access the DOM or, by injecting a <script>, the globals as well). From there on, you use postMessage/sendMessage as usual.


PhistucK

On Mon, Jul 17, 2017 at 7:02 PM, GMathew <sonesh...@gmail.com> wrote:
I have seen this question come up a lot of times in this group and stackoverflow but I havent so far found a solution and just digging around for few days.

My requirement is I create a third party iframe and scrape some html content from it. But I get cross origin error when accessing it. Is this possible ? I see an extension that is doing this but is minified so cant figure out how it is done. I see solutions to use xmlhttp request and append content somewhere but it doesn't provide me all content that is loaded via ajax on page.  Also saw some suggestions about using PostMessage, but its a third party iframe where I dont have access to code so how do I send it a PostMessage ?

I will really appreciate any direction on this issue.

Thanks
George


--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsubscribe...@chromium.org.

--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
To post to this group, send email to chromium-extensions@chromium.org.

Visit this group at https://groups.google.com/a/chromium.org/group/chromium-extensions/.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/85d38b6c-bfc4-47fd-8198-06d50693a94f%40chromium.org.

GMathew

unread,
Jul 17, 2017, 10:51:56 PM7/17/17
to Chromium-Extensions-Announce, sonesh...@gmail.com
I've managed to inject script in to iframe on background page, which passed back a string fine. However is there any way to return entire html content of page or object on that page ? I have tried passing a javascript variable as well as a dom but it shows up as undefined when trying to send using following

In contentscript I have following

    chrome.runtime.sendMessage(        
       {"domis": skuProducts},/*skuProducts is a variable on page in javascript*/
        function (response) {
            console.log(response);
        }
    );


On Monday, July 17, 2017 at 1:13:12 PM UTC-4, PhistucK wrote:
You cannot pass a function, you can pass an object or a string and in the worst case, run code string using eval().
It is better to pass an action ({action: "get-value-of-button"}) and have a switch/case for each action in the content script itself and run whatever your want right in there and respond with the value (if the value is acquired asynchronously, I think you need to return false within the onMessage listener, if you are using chrome.runtime.onMessage, otherwise your response will be lost).

Content scripts, by default, do not run in frames at all. You must specify all_frames: true in the definition of your content script.
I believe content scripts run on more than just tabs.


PhistucK

On Mon, Jul 17, 2017 at 8:01 PM, GMathew <sonesh...@gmail.com> wrote:
Thanks a lot for getting back as I am struggling with this.

Will this be possible even if iframe is appended from background.js to  background page and its not actually a tab? I see content script executed on tabs but not on iframe that is loaded inside extension background page. 

Also I am a really newbie to extensions, can you explain if passing something like document.getElementByID().value work to fetch items from iframe ?

On Monday, July 17, 2017 at 12:07:28 PM UTC-4, PhistucK wrote:
I think you can use executeScript (or a content script) in order to run code within the iFrame (in the world of the extension, but, still, you can access the DOM or, by injecting a <script>, the globals as well). From there on, you use postMessage/sendMessage as usual.


PhistucK

On Mon, Jul 17, 2017 at 7:02 PM, GMathew <sonesh...@gmail.com> wrote:
I have seen this question come up a lot of times in this group and stackoverflow but I havent so far found a solution and just digging around for few days.

My requirement is I create a third party iframe and scrape some html content from it. But I get cross origin error when accessing it. Is this possible ? I see an extension that is doing this but is minified so cant figure out how it is done. I see solutions to use xmlhttp request and append content somewhere but it doesn't provide me all content that is loaded via ajax on page.  Also saw some suggestions about using PostMessage, but its a third party iframe where I dont have access to code so how do I send it a PostMessage ?

I will really appreciate any direction on this issue.

Thanks
George


--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.

--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.

PhistucK

unread,
Jul 18, 2017, 12:19:40 AM7/18/17
to GMathew, Chromium-Extensions-Announce
Content scripts on their own cannot access variables from the page, only the DOM. In order to access a variable from the page, you need to inject a <script>. It will pass the string using parent.postMessage instead (and your background page needs to listen to window.onmessage).


PhistucK



PhistucK



PhistucK

To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsubscribe...@chromium.org.

--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsubscribe...@chromium.org.

--
You received this message because you are subscribed to the Google Groups "Chromium-Extensions-Announce" group.
To unsubscribe from this group and stop receiving emails from it, send an email to chromium-extensions+unsub...@chromium.org.
To post to this group, send email to chromium-extensions@chromium.org.

Visit this group at https://groups.google.com/a/chromium.org/group/chromium-extensions/.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/chromium-extensions/0d8e6ac4-a6c4-43b8-bc6f-34d4e760a3d4%40chromium.org.
Reply all
Reply to author
Forward
0 new messages