Cross-origin frame issue when printing in Chrome

bohwaz · December 18, 2022, 1:26am

Hi there,

I set up Collabora with our own WOPI implementation, everything works, great, except for printing. When I press the print button I get an error in the JS console of the browser:

Uncaught DOMException: Blocked a frame with origin "https://collabora.XXXX" from accessing a cross-origin frame.
    at NewClass._onIframeLoaded (https://collabora.XXXX/browser/ce39a9d/bundle.js:1:1928895)

I also tried setting up Collabora on the same sub-domain, it was a pain, but it didn’t change anything. Looking at the code , CODE is creating an iframe with no src attribute, and then changing src to the Blob object URL (fine). But the error happens when print() is called, on this line:

this._printIframe.contentWindow.print();

Not sure how I can fix this? I couldn’t find anything in Github issues.

This happens in Chrome, with Firefox printing seems to work correctly.

Thanks to anyone who could help

julienfastre · January 26, 2023, 9:21pm

Same issue here, only with Chrome; Firefox works like a charm.

bearon · March 20, 2023, 2:03pm

Hi, do you have frame-src 'self' blob: in the CSP?

bohwaz · March 20, 2023, 9:09pm

Not usually, but I tried, and it doesn’t change. Just for being sure, I tried again, and checked in the network console to see if the headers were correctly set. With the CSP policy you supplied set in the parent frame, I have the same issue

bearon · March 21, 2023, 3:44pm

What is the CSP in your case?

bohwaz · March 22, 2023, 11:09am

Ah! It wasn’t a CSP issue at all, it was because we used the sandbox attribute on the Collabora iframe. Removing it fixed the issue, as even allowing all sandbox options didn’t fix it. Not the best for security, but at least it works.

Thanks for your help!