Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Iframe in Chrome error: Failed to read 'localStorage' from 'Window': Access denied for this document

I have a web app which uses localStorage. Now we want to embed this web app on other (third-party) sites via iframe. We want to provide an iframe embed similar to youtube so that other websites can embed our web app in an iframe. Functionally it is the same as if it wouldn't be embedded. But it does not work. Chrome prints the error message:

Uncaught SecurityError: Failed to read the 'localStorage' property from 'Window': Access is denied for this document. 

I just do the following check (in the iframe):

if (typeof window.localStorage !== 'undefined') {     // SETUP SESSION, AUHT, LOCALE, SETTINGS ETC } else {     // PROVIDE FEEDBACK TO THE USER } 

I checked my security settings in Chrome like described in another Stackoverflow Thread but it doesn't work. Is there any change to make embedding possible without the need of adjusting (default) security settings of most modern browsers?

To give more information, we use Ember-CLI for our web app and turned on CSP (more info about the Ember-CLI CSP). Could CSP cause our web app to throw security errors?

like image 352
tschoartschi Avatar asked May 27 '15 11:05

tschoartschi


People also ask

How do I fix failed to read the localStorage property from window access is denied for this document?

To fix this, you need to change the cookies' settings in your browser. To do this go to Settings > Privacy and security > Cookies and other site data. Or paste chrome://settings/cookies into the address bar. Google Chrome will automatically save changes.

How do I access localStorage in my browser?

It's simple. Just go to the developer tools by pressing F12 , then go to the Application tab. In the Storage section expand Local Storage. After that, you'll see all your browser's local storage there.

Does localStorage work in incognito mode?

Local Storage data stored on normal browsing sessions will not be available when you open a browser in private browsing or in Incognito mode. Local Storage data will not get cleared even if you close the browser. Because it's stored on your browser cache in your machine.

Does localStorage clear on browser close?

localStorage is similar to sessionStorage , except that while localStorage data has no expiration time, sessionStorage data gets cleared when the page session ends — that is, when the page is closed.


2 Answers

Under Chrome's Settings > Privacy > Content settings, you have the cookie setting set to to "Block sites from setting any data"

This checkbox is what is causing the exception.

like image 99
Paul Irish Avatar answered Sep 27 '22 03:09

Paul Irish


According to this

This exception is thrown when the "Block third-party cookies and site data" checkbox is set in Content Settings.
To find the setting, open Chrome settings, type "third" in the search box, click the Content Settings button, and view the fourth item under Cookies.

enter image description here

like image 41
alessandrio Avatar answered Sep 26 '22 03:09

alessandrio