问题描述
我有一个使用localStorage的Web应用程序。现在,我们想通过iframe将此网络应用程序嵌入其他(第三方)网站上。我们希望提供与youtube类似的iframe嵌入,以便其他网站可以将我们的网络应用嵌入iframe。从功能上讲,它与不会被嵌入一样。但这是行不通的。 Chrome显示错误消息:
I have a web app which uses localStorage. Now we want to embed this web app on other (third-party) sites via iframe. We want to provide an iframe embed similar to youtube so that other websites can embed our web app in an iframe. Functionally it is the same as if it wouldn't be embedded. But it does not work. Chrome prints the error message:
Uncaught SecurityError: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.
我只是在iframe中进行了以下检查:
I just do the following check (in the iframe):
if (typeof window.localStorage !== 'undefined') {
// SETUP SESSION, AUHT, LOCALE, SETTINGS ETC
} else {
// PROVIDE FEEDBACK TO THE USER
}
我按照,但它不起作用。是否有任何更改使嵌入成为可能,而无需调整大多数现代浏览器的(默认)安全性设置?
I checked my security settings in Chrome like described in another Stackoverflow Thread but it doesn't work. Is there any change to make embedding possible without the need of adjusting (default) security settings of most modern browsers?
要提供更多信息,我们将Ember-CLI用于我们的Web应用程序并打开()。 CSP会导致我们的Web应用引发安全性错误吗?
To give more information, we use Ember-CLI for our web app and turned on CSP (more info about the Ember-CLI CSP). Could CSP cause our web app to throw security errors?
推荐答案
在Chrome的设置>隐私>内容设置下,您具有cookie设置设置为阻止网站设置任何数据。
Under Chrome's Settings > Privacy > Content settings, you have the cookie setting set to to "Block sites from setting any data"
此复选框是导致异常的原因。
This checkbox is what is causing the exception.
这篇关于Chrome中的iframe错误:无法从“窗口”读取“ localStorage”:拒绝对此文档进行访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!