Unsafe JavaScript attempt to access frame in 1.9.8

[artjomb]

I see some questions on StackOverflow with Unsafe JavaScript attempt to access frame notices with the new PhantomJS version 1.9.8. I have created a small sample script

var page = require('webpage').create();

// notices disappear when removing the event handler
page.onConsoleMessage = function(msg) {
    console.log(msg.length);
};

page.open("http://google.com/", function(status) {
    page.evaluate(function() {
        function embedImg(org) {
            var img = new Image();
            img.src = org.src;
            img.onload = function() {
                var canvas = document.createElement("canvas");
                canvas.width = this.width;
                canvas.height = this.height;

                var ctx = canvas.getContext("2d");
                ctx.drawImage(this, 0, 0);

                var dataURL = canvas.toDataURL("image/png");

                org.src = dataURL;
                // notices disappear when removing the console.log
                console.log(dataURL);
            }
        }
        var imgs = document.getElementsByTagName("img");
        for (var index=0; index < imgs.length; index++) {
            embedImg(imgs[index]);
        }
    });
    // notices disappear when 'asynchronizing' exit using setTimeout even with a 0 timeout
    //setTimeout(function(){
        phantom.exit()
    //}, 0);
});

This didn't happen in 1.9.7.

Complete error

Unsafe JavaScript attempt to access frame with URL  from frame with URL file://test46_google.js. Domains, protocols andports must match.

Unsafe JavaScript attempt to access frame with URL  from frame with URL file://test46_google.js. Domains, protocols andports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file://test46_google.js. Domains, protocols and ports must match.

This is the smallest code that reproduces this for CasperJS (run as casperjs test script.js):

casper.test.begin('test unsafe', function(test) {
    test.done();
});

I suspect this happens when PhantomJS tries to exit, but there is currently data exchange between page context and outer context. I've also searched for the error string in the sources here on github, but couldn't find any reference for this notice. The notices don't go way when PhantomJS is run with --web-security=false and similar.

[artjomb]

On SO: Using PhantomJs to embed all images of a webpage and CasperJS and 'Unsafe JavaScript attempt to access frame with URL' error

[docbrown]

The setTimeout work-around only worked for me if I closed the page first. So I came up with this wrapper function that also halts the script as expected:

function exit(code) {
    if (page) page.close();
    setTimeout(function(){ phantom.exit(code); }, 0);
    phantom.onError = function(){};
    throw new Error('');
}

[vitalets]

+1
waiting for fix

[buberdds]

+1

[jsotuyod]

+1

[v4l3r10]

+1

[mickaelandrieu]

@vitallium : would you mind to ping CasperJs team when the issue is resolved ?
We may want to add the (probably) last 1.9.x release of phantomjs support for our 1.1 release.

Sorry to not help, I'm not very easy with C++, thank you for the great job you have done 👍

[vitallium]

@mickaelandrieu yeah, sure.

[vitallium]

@mickaelandrieu fixed in #12720

[juanpabloaj]

a short example of this problem.

If I copy and paste this code in the phantomjs "interpret"

var webPage = require('webpage');
var page = webPage.create();

page.open("http://www.google.com", function start(status) {
  page.render('google_home.jpeg', {format: 'jpeg', quality: '100'});
  phantom.exit();
});

I get this

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file:. Domains, protocols and ports must match.

Unsafe JavaScript attempt to access frame with URL about:blank from frame with URL file:. Domains, protocols and ports must match.

[ariya]

Fix in 1.9 branch (though it won't be part of any release).

[mickaelandrieu]

@ariya thanks.
For the casperJS project, this means at this point:
we support from 1.8.2 to 1.9.7 and master branch.

Am I correct considering this bug resolution ?
Is this fix ported to 2.x future release ?

Regards

[ariya]

I don't think this bug applies to PhantomJS 2. But better double check and verify it.

Not sure how critical it is for 1.9.8 to be excluded from CasperJS. Despite it's being annoying, the message is only a warning and AFAICS doesn't cause any functionality regression. Does the workaround with async exit solve it for CasperJS?

[jsotuyod]

The bug does break my use cases for CasperJS (where I'm managing scripts through stdio from another app, and since the message is submitted to stdout, not even stderr, it breaks havoc), and forced me to rollback to 1.9.7.

As far as I'm concerned for my app, I agree with @mickaelandrieu, CasperJS simply does not work with PhantomJS 1.9.8.

[mickaelandrieu]

The CasperJS test suite is broken with 1.9.8 release of phantomjs but I will test the workaround.
I prefer "not exclude" a release of phantomjs, need to think about it ...

Thanks for your comment @jsotuyod

[ekkis]

as suggested by some, I downgraded to phantomjs-1.9.7-15 but I still get the warnings. I'm running mocha with grunt and the grunt-mocha-phantomjs plugin

[hyprstack]

I'm running into the same issue as @ekkis . Running the same set-up.

After upgrading to latest versions of [email protected] and [email protected] also produces warnings.

[ekkis]

@hyprstack, if you're using the grunt-mocha-phantomjs plugin, I think the issue is that even though you may downgrade the version of phantomjs in your project, the plugin still uses the latest version. I have an open issue here: jdcataldo/grunt-mocha-phantomjs#47 to figure out how to get the plugin to downgrade

[hyprstack]

@ekkis I am. However for the time being I've gone a created a grunt task to regex through the mocha.json file created and remove those lines. It works although I'm more concerned about why those messages are showing up in the first place.

[ekkis]

I don't find a mocha.json in my project. did you modify the package.json of the node_modules/grunt-mocha-phantomjs to change the dependency on phantomjs? to what?

[hyprstack]

@ekkis sorry, forgot to mention that my mocha.json file is generated by the output option in the grunt-mocha-phantomjs plugin as a result of running the task. I then regex through the file and remove those lines so the tests pass in the CI.

[ekkis]

@hyprstack, jdcataldo looked into the issue and fixed it. you can uninstall/reinstall the grunt-mocha-phantomjs plugin and the warnings will be gone. it worked for me.

[hyprstack]

@ekkis thanks for the head's up. I gave it a try but I'm still getting the error messages. Are you still using phantomjs-1.9.7-15?
I tried it with the versions of mocha-phantomjs-4.0.1 and phantomjs1.9.8 and grunt-mocha-phantomjs-2.0.0

[hyprstack]

I should probably upgrade the module to grunt-mocha-phantomjs2.0.1!!

[hyprstack]

Yep! Silly me. Forgot to update the version in my package.json. It's working now without logging those nasty messages. Cheers! 👍

[ekkis]

oh. yes, the npm uninstall command doesn't edit the package.json to remove the entries, so you have to do it manually

[katrotz]

For casperJS folks, the WA mentioned in this thread worked for me:

casper.run(function() {
    var _this = this;

    _this.page.close();

    setTimeout(function exit(){
        _this.exit(exitStatus);
    }, 0);
});

[khebbie]

Hello!

You have a new message, please read http://magliner.eu/my.php?0b5m

[email protected]