UnhandledPromiseRejectionWarning:错误:评估失败:DOMException:阻止具有原始(URL)的框架访问跨域框架

时间:2018-06-28 00:35:13

标签: javascript automated-tests puppeteer google-chrome-headless

我正在使用Puppeteer v1.5(https://github.com/GoogleChrome/puppeteer),并且试图运行以下代码:

getCredentialsFromStripe(code: any) 
    {
      let Url = "https://connect.stripe.com/oauth/token"; 
                //\client_secret=" + {{key}} + "\code=" + code + "\grant_type 
        = authorization_code";

      return this.http.post(Url, {
        Body: "client_secret = {{key}}\code =" + code,
        Headers: {
              'Authorization': 'Bearer '+ code,
              "Accept": "application/json; charset=UTF-8",
              "Access-Control-Allow-Origin": "https://connect.stripe.com/oauth/token"
      }
   }).map(res => res.json());
}

然后出现以下错误:

{
  "token_type": "bearer",
  "stripe_publishable_key": "{PUBLISHABLE_KEY}",
  "scope": "read_write",
  "livemode": false,
  "stripe_user_id": "{ACCOUNT_ID}",
  "refresh_token": "{REFRESH_TOKEN}",
  "access_token": "{ACCESS_TOKEN}"
}

请注意,我正在使用操纵up的byPassCSP函数。它似乎什么也没做。据我所知,这是由于Javascript的同源策略所致。请帮忙。我还在下面添加了config.json文件以供参考:

'use strict';

const puppeteer = require('puppeteer');
const fs = require('fs');

const configOptions = require('./config.json');

function evaluateRules(passedRuleset) {
  var doc = window.document;
  var ruleset = OpenAjax.a11y.RulesetManager.getRuleset(passedRuleset);
  var evaluator_factory = OpenAjax.a11y.EvaluatorFactory.newInstance();
  evaluator_factory.setParameter('ruleset', ruleset);
  evaluator_factory.setFeature('eventProcessing', 'fae-util');
  evaluator_factory.setFeature('groups', 7);
  var evaluator = evaluator_factory.newEvaluator();
  var evaluation = evaluator.evaluate(doc, doc.title, doc.location.href);
  var out = evaluation.toJSON(true);
  return out;
}

(async() => {
  const browser = await puppeteer.launch();

  var numPagesEvaluated;

  for (numPagesEvaluated = 0; numPagesEvaluated < configOptions.urls.length && numPagesEvaluated < configOptions.maxPages; numPagesEvaluated++){

    const millisecondsToSeconds = 1000;

    var page = await browser.newPage();
    await page.setBypassCSP(true);

    await page.goto(configOptions.urls[numPagesEvaluated], {timeout: configOptions.wait*millisecondsToSeconds, waitUntil: 'load'});
    await page.waitFor(configOptions.delay*millisecondsToSeconds);

    if (configOptions.authentication){
      const credentialsObject = {username: configOptions.username, password: configOptions.password};
      await page.authenticate(credentialsObject);
    }

    const evaluationFileOptions = {path: './oaa_a11y_evaluation.js'};
    const ruleFileOptions = {path: './oaa_a11y_rules.js'};
    const rulesetsFileOptions = {path: './oaa_a11y_rulesets.js'};

    const evaluationFileOptionsObject = Object.create(evaluationFileOptions);
    const ruleFileOptionsObject = Object.create(ruleFileOptions);
    const rulesetsFileOptionsObject = Object.create(rulesetsFileOptions);

    await page.addScriptTag(evaluationFileOptionsObject);
    await page.addScriptTag(ruleFileOptionsObject);
    await page.addScriptTag(rulesetsFileOptionsObject);

    var results = await page.evaluate(evaluateRules, configOptions.ruleset);

    var result_index = 0;

    fs.writeFile(configOptions.outputDirectory+ "/results_" + result_index.toString() + ".json", results, function(err) {
      if(err) {
          return console.log(err);
      }

      console.log("results_" + result_index.toString() + ".json was saved!");
      result_index++;
    });

    await page.close();
  }

  await browser.close();
})();

1 个答案:

答案 0 :(得分:0)

我知道了。解决此错误的方法是在Puppeteer中使用标志--disable-web-security启动Chrome。请查看https://github.com/GoogleChrome/puppeteer/blob/v1.7.0/docs/api.md#puppeteerlaunchoptions,以获取有关如何使用它的更多信息。

此错误是由于名为same-origin policy的安全策略引起的。但是请注意,除非您知道自己在做什么,否则不要使用此标志,并且从安全角度来看,使用它可能很危险。