Error in cross-origin iframe. Anyone knows how do I remove this iframe from being checked in Sentry?


#1

The error is:
raven.min-d373aec939.js:2 Uncaught SecurityError: Failed to read the ‘contentDocument’ property from ‘HTMLIFrameElement’: Blocked a frame with origin “https://app.ilosvideos.com” from accessing a frame with origin “https://staticxx.facebook.com”. The frame being accessed set “document.domain” to “facebook.com”, but the frame requesting access did not. Both must set “document.domain” to the same value to allow access.d @ raven.min-d373aec939.js:2
raven.min-d373aec939.js:2 Uncaught SecurityError: Failed to read the ‘contentDocument’ property from ‘HTMLIFrameElement’: Blocked a frame with origin “https://app.ilosvideos.com” from accessing a frame with origin “https://accounts.google.com”. Protocols, domains, and ports must match.d @ raven.min-d373aec939.js:2

Thanks!


#2

@mwleinad – you would need to filter this yourself using the shouldSendCallback config option. Basically, you inspect the error object, and if it contains SecurityError you return false from the callback and the payload won’t be sent.

More here: https://docs.sentry.io/hosted/clients/javascript/config/


#3

We’ve been seeing this error a lot, in the last month.
Specifically 'Blocked a frame with origin “https://www.our-site.com” from accessing a frame with origin “https://staticxx.facebook.com”. The frame being accessed set “document.domain” to “facebook.com”, but the frame requesting access did not. Both must set “document.domain” to the same value to allow access.'
It appears to be accompanied by ‘script error .’. Just wondering if anyone knows of a common plug-in or 3rd party library that has been known for this error. For us is be almost exclusively on crios.

UPDATE:
https://bugs.chromium.org/p/chromium/issues/detail?id=709132 :slight_smile: