storybook: Uncaught DOMException: Blocked a frame with origin "http://localhost:9009" from accessing a cross-origin frame.
Describe the bug After updated storybook 3 to 5 the ‘actions addon’ throws CORS error when an action is performed. Figured out that setting the ‘depth’ option to 2 or less is a work around and no error appears. Posting bug report hoping any better solution may be found.
To Reproduce Steps to reproduce the behavior:
- Initiate any action on storybook 5. CORS error appears in console.
Expected behavior Actions should be performed.
Screenshots N/A
Code snippets I traced the bug to the following line:
var data = (0, _telejson.stringify)({
key: KEY,
event: event
}, {
maxDepth: depth
}); // TODO: investigate http://blog.teamtreehouse.com/cross-domain-messaging-with-postmessage
// might replace '*' with document.location ?
iframeWindow.postMessage(data, '*');
return Promise.resolve(null);
This configuration fixes the issue. But it would be great to have this resolved and allow for display of action with greater depth of the object.
configureActions({
depth: 2 // anything higher than 2 causes CORS error in iframe postMessage method
});
System:
- OS: MacOS
- Device: Macbook Pro 2018
- Browser: chrome
- Framework: react
- Addons: actions
- Version: 5.1.9
Additional context This happened after upgrading from 3 to 5. Default webpack config is used. Babel was also upgraded to 7.
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 16
- Comments: 48 (14 by maintainers)
I’m getting this when attempting to build my local by running
yarn build-storybookand then opening theindex.htmlwithin thestorybook-staticrepo… Just upgraded to6.0.21I’m seeing this in 6.0.26. In my case, once I delete my one .mdx story, it builds and works fine. When I have a mix of js and mdx stories is when I see this error. I should also note that running
yarn storybookworks fine, its just when building the docs I see this error.I solved this by opening storybook in an incognito window. It’s possible that Chrome plugins are messing with the browser.
Same problem here in 6.0.21
confirmed… It seems the stringification of the event fails
v5.3.0-beta.8still has the Firefox bug for me. Versionv5.3.9also has the bug. Versionv6.0.0-alpha.1also has the bug.This is still not resolved; should we re-open this or open a new issue?
I’m also having this issue. Our current workaround which worked is to disable the actions addon.
I am also seeing this when trying to use Storybook Composition. It works fine within the original storybook, but I get the same error (
Uncaught DOMException: Blocked a frame with origin from accessing a cross-origin frame.) at the same line whenever trying to load a story from the lower level “composed” storybook in the higher level “composing” storybook. Both storybook instances on 6.1.5, using basically stock webpack configs. If you’d like to verify/reproduce, here is a link to our Chromatic permalink. Anyone should be able to add this as a composed story and see the issue.Anyone have ideas for a solution or workaround?
EDIT: After further research I’ve tracked it down to a few specific stories. This error appears when storybook tries to serialize a
windowobject from the “composed” storybook. Now why that is happening in my use case is another story. There seems to be a bug in the docs addon (docgen). For a select few of our stories using components that use Popper.js, the docgen is interpreting a default value as thewindowobject for Popper’splacementprop (even though it is typed and assigned as'top', notwindow). Still trying to track down why that is happening. Disabling the docs addon resolves the issue.@shilman is that known? I ask because that was not always the case before v6, you could easily build an instance, compress it and share it with others. I feel like it’s possible that a lot of people in this thread are running into this because it’s not being run on a local server for whatever reason.
Head slap! Yes - that is it. For clarity, this works just fine:
I am also seeing this issue right now with 6.0.2
Clicked actions like in the documentation are working in Chrome but not in firefox. Currently seeing this DOMException in FireFox
SecurityError: Permission denied to access property "toJSON" on cross-origin objectClick the button above logs the event details in chrome but not in FireFox.
I’d also like to link a similar case here with GitHub Pages https://github.com/storybookjs/storybook-deployer/issues/97
I’m seeing this with the Storybook Design System when trying to access
index.htmlafter runningyarn run build-storybook. The non-static version (yarn storybook start) runs fine.The project is running storybook 6.1.0-rc.3.
Let me see if I can get a boiler plate going or what I have in my repo
@ndelangen it is for me: