This answer specifies explains how to access the content of all iframes on gmail

But on mail.google it throws this error:

Unsafe JavaScript attempt to access frame with URL /... from frame with URL . Domains, protocols and ports must match.

I tried adding *://plus.google/* to the matches of the manifest of the extension, but it didn't help.

Update: Checking for the url before accessing the content works, but my logic is very crude at the moment as it only checks for google plus:

        if(-1==iframes[i].src.indexOf('plus.google')) {
            contentDocument = iframes[i].contentDocument;
            if (contentDocument && !contentDocument.rweventsadded73212312) {
                // add poller to the new iframe
                checkForNewIframe(iframes[i].contentDocument);
            }
        }

This answer specifies explains how to access the content of all iframes on gmail. https://stackoverflow./a/9439525/222236

But on mail.google. it throws this error:

Unsafe JavaScript attempt to access frame with URL https://plus.google./u/0/_/... from frame with URL https://mail.google./mail/u/0/#inbox. Domains, protocols and ports must match.

I tried adding *://plus.google./* to the matches of the manifest of the extension, but it didn't help.

Update: Checking for the url before accessing the content works, but my logic is very crude at the moment as it only checks for google plus:

        if(-1==iframes[i].src.indexOf('plus.google.')) {
            contentDocument = iframes[i].contentDocument;
            if (contentDocument && !contentDocument.rweventsadded73212312) {
                // add poller to the new iframe
                checkForNewIframe(iframes[i].contentDocument);
            }
        }

• javascript
• google-chrome-extension
• gmail

• I believe that in many cases it can be a requirement to traverse all subframes, and exclusion of external domains from control flow would break application's main function. So, in the case of chrome extension I suggest to replace the loop through frames with content_scripts "all_frames": true declaration in the manifest, and optional logic to merge the results (if necessary). – Stan Commented Nov 26, 2015 at 14:15

2 Answers 2

Access is blocked due to the same origin policy.
The right way to avoid the error is to exclude the frames from a different origin. Your logic is very crude indeed. It does not specifically look in the host name, and it doesn't account for other domains.
Invert the logic to have a robust solution:

if (iframes[i].src.indexOf(location.protocol + '//' + location.host) == 0 ||
    iframes[i].src.indexOf('about:blank') == 0 || iframes[i].src == '') {

Explanation of this white list:

• protocol://host/ = https://mail.google..
  Obviously, the current host has to be allowed
• about:blank and an empty string
  These frames are dynamically created and scripted by GMail.

mail.google. and plus.google. are not the same domain. JavaScript implementations in modern web browsers do not allow cross-domain scripting.

Without resorting to different kinds of hackery, the correct way to get around this is through CORS (http://en.wikipedia/wiki/Cross-origin_resource_sharing), which is not available to you in this circumstance.