Bug 98408

Summary: Clarify the "unsafe JavaScript attempt to access ..." message.
Product: WebKit Reporter: Mike West <mkwst>
Component: WebCore Misc.Assignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 43504    
Bug Blocks: 97978    

Description Mike West 2012-10-04 07:49:23 PDT 
Report from a user, with regard to the "Unsafe JavaScript attempt to access frame with URL $X from frame with URL $Y. Domains, protocols and ports must match." console warning:  "What was accessed? What was unsafe about it? Which one(s) of domain, protocol, and port didn't match? Why does this error spam the console in apps (e.g. Gmail) that continue to work perfectly?"

We've made a few changes to this (sandboxing, for example), but we can certainly do more to provide some context. This at least partially overlaps with 43504.
Comment 1 Mike West 2012-10-04 07:50:48 PDT 
Two users specifically complained about Vimeo's player generating this error, might be a good place to start.