[webkit-dev] Disable Javascript security warnings?

Devara, Kavitha kdevara at quicinc.com
Mon Sep 12 19:12:18 PDT 2011


>From your javascript, perhaps you can set the "referring URL" in the HTTP Headers of the request( to get IFrames) to " http://www.google.com",
or whichever URL you are requesting the frames for?  You will have to create your  own XHR object for the HTTP Request.

Thanks,
-Kavitha

From: webkit-dev-bounces at lists.webkit.org [mailto:webkit-dev-bounces at lists.webkit.org] On Behalf Of Rob Crowell
Sent: Monday, September 12, 2011 6:42 PM
To: webkit-dev at lists.webkit.org
Subject: [webkit-dev] Disable Javascript security warnings?

Hey all,

I'm working on a web scraper that embeds WebKit directly (via pyWebKitGTK if it matters, though I don't think my question is specific to that library).  I'm trying to extract image metadata (domains, dimensions, location on the page, etc) from a page, including any iframes that are embedded there.

Because WebKit already knows everything about the data I want (image dimensions, position on page), I'm extracting content by executing javascript via the webkit_web_view_execute_script call described here: http://webkitgtk.org/reference/webkitgtk-webkitwebview.html#webkit-web-view-execute-script

My javascript works when the iframes are on the same domain, but fails (obviously) when they're not.  How can I disable the "Unsafe JavaScript attempt to access frame with URL http://www.google.com/ from frame with URL http://10.0.0.50/js_test.html. Domains, protocols and ports must match." error message?

I've come across the WebKitSecurityOrigin object and I've been able to extract the host/port/protocol of my current page, but I haven't found a way to spoof this mechanism...

I know too that Chrome has the --disable-web-security flag, but I can't quite put my finger on what I need to do to replicate this functionality when working with WebKit directly.

Can anyone offer a pointer or suggestion?

Thanks so much!

--Rob

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20110913/d5d1b658/attachment.html>


More information about the webkit-dev mailing list