"Not allowed to load local resource" for iframe, how to disable web security ?!



  • Hi folk!
    I'm porting my application from WebKit to WebEngine (seems that one is much better for rendering angular-basad html).
    I faced with problem that i can't enable QtWebEngine to load local iframe, despite the fact that i've setup all possible settings that i found:
    =========== code from mainwindow.cpp =================================

    view->page()->settings()->setAttribute(QWebEngineSettings::LocalContentCanAccessFileUrls, true);
     view->page()->settings()->setAttribute(QWebEngineSettings::LocalContentCanAccessRemoteUrls, true);
     view->page()->settings()->setAttribute(QWebEngineSettings::LocalStorageEnabled, true);
    
     view->settings()->setAttribute(QWebEngineSettings::LocalContentCanAccessFileUrls, true);
     view->settings()->setAttribute(QWebEngineSettings::LocalContentCanAccessRemoteUrls, true);
     view->settings()->setAttribute(QWebEngineSettings::LocalStorageEnabled, true);
    

    ====================================================================

    The easiest example is to take WebEngine-based FancyBrowser (\Examples\Qt-5.4\webenginewidgets\fancybrowser) and try to load into it local html file like this:

    ---------------------- index.html ---------------

    <html>
    <head>
        <title>Hi there</title>
    </head>
    <body>
        This is a page
        a simple page
        <iframe id="some_idrame" width="0" height="0" style="border: none" src="some_iframe.html" name="target" sandbox="allow-scripts"></iframe>
    </body>
    </html>
    

    ---------------------- some_iframe.html ---------------

    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="utf-8">
        <title>La-la-la</title>
    </head>
    <body>
        Lalala 
    </body>
    </html>
    

    ===============================================

    If you setup env var QTWEBENGINE_REMOTE_DEBUGGING to some port, then you can open 127.0.0.1:port and see in console this error: "Not allowed to load local resource".

    I really have no idea now how to solve this problem now... there should be some way to pass to WebEngine something like "--disable-web-security"...

    Thanks for any help!



  • I had the same problem too, and found a fix from the mailing list. You can pass the "--disable-web-security" argument to the QApplication object in your main.cpp.



  • @knt261

    You can pass the "--disable-web-security" argument to the QApplication object in your main.cpp.

    Hi – Can you show the code to do that (I'm new at this).

    thanks!



  • @TOMATO_QT In your main function, you should have initialized a QApplication object, for example:

    QApplication a(argc, argv);
    

    argc is the number of arguments passed into your QApplication, and argv is the array of strings (each one being the actual argument passed into your QApplication). Just make sure one of the strings in your argv is "--disable-web-security" (and make sure argc is the correct count)

    The simplest way to do this, is to start your main function like this:

    int main(int argc, char *argv[])
    {
     QApplication a(argc, argv);
     ...
    }
    

    This passes all of your program's arguments into the QApplication arguments. Then all you have to do is run your program with the argument, e.g. ./myProgram --disable-web-security.



  • @knt261
    this solution not work for me;
    I test this solution in Qt5.6


Log in to reply
 

Looks like your connection to Qt Forum was lost, please wait while we try to reconnect.