Bug 148514

Summary: Web Inspector: Suppress cross-origin restrictions when accessing $0 from the console
Product: WebKit Reporter: Nikita Vasilyev <nvasilyev>
Component: Web InspectorAssignee: Joseph Pecoraro <joepeck>
Status: RESOLVED INVALID    
Severity: Normal CC: bburg, graouts, joepeck, mattbaker, nvasilyev, timothy, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=147962
Attachments:
Description Flags
[Image] Current behavior none

Nikita Vasilyev
Reported 2015-08-26 23:07:21 PDT
Created attachment 260037 [details] [Image] Current behavior Steps: 1. Open http://codepen.io/NV/pen/AKnov?editors=001 2. Inspect the SVG pie 3. Type dir($0) 4. Expand the result Actual (on the attached image too): > dir($0) [Error] Blocked a frame with origin "http://codepen.io" from accessing a frame with origin "http://s.codepen.io". Protocols, domains, and ports must match. < ▼ path#angle_arc {} No properties. Expected: > dir($0) < ▼ path#angle_arc {pathLength: SVGAnimatedNumber, ...} (a bunch of properties)
Attachments
[Image] Current behavior (321.16 KB, image/png)
2015-08-26 23:07 PDT, Nikita Vasilyev 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2015-08-26 23:10:13 PDT
<rdar://problem/22451638>
Joseph Pecoraro
Comment 2 2016-02-10 17:15:08 PST
This seems like expected behavior to me. Switching the Console's Execution Context from "Main Frame" to "CodePen – index.html" eliminates the error and makes it work. In fact now, attempting to access the element from the Main Frame results in `null`, while accessing it on the sub-frame results in the Element. I'm going to move this to Behaves Correctly. However if you have ideas about how we can improve this situation for developers those would be good enhancements to file. For instance, we may want to give elements in a sub-frame a Context Menu to change the console to that Execution Context. Already "Log Element" does the right thing.
Note You need to log in before you can comment on or make changes to this bug.