Unsafe JavaScript Attempt to Access Frame with Url

Unsafe javascript attempt to access frame when installing casperjs through npm windows

This is a known issue with CasperJS and the 1.9.8 version of PhantomJS. It doesn't do anything and the errors are only printed during exit. They don't interfere with your script. There is a workaround and it was merged into master branch on GitHub, but it is not available as a release of CasperJS yet (latest is 1.1-beta3).

The easiest way to solve this is to downgrade to PhantomJS 1.9.7. Since you're using NPM it is easily done with

npm -g install phantomjs@1.9.7-15

The PhantomJS versions match with the NPM phantomjs package versions up until 1.9.7, then everything breaks. You can check the versions with npm show phantomjs.

If you downgrade to version 1.9.7, you will have to run with the --ssl-protocol=any commandline option for sites that request https resources. The reason is shown in my answer here.

The proper way to solve this is to install a new version from git. This will enable you to not only use PhantomJS 1.9.8 without the additional error lines, but also PhantomJS 2 which would not be possible with CasperJS 1.1-beta3.

References:

GitHub issue #1068

Workaround for CasperJS #1139

PhantomJS issue on SO

Unsafe JavaScript attempt to access frame with URL

Read something about Javascript access security here:

http://javascript.about.com/od/reference/a/frame3.htm
Unsafe JavaScript attempt to access frame warning in Safari
"Unsafe JavaScript attempt to access frame with URL..." error being continuously generated in Chrome webkit inspector
http://blog.chromium.org/2008/12/security-in-depth-local-web-pages.html

Specifically about implementing Vimeo and JavaScript unsafe access, I found this on a discussion on the Vimeo forums:

If you're using a webkit browser (Safari or Chrome) that error is
actually coming from the Webkit Inspector trying to access the iframe
(the Webkit Inspector is actually written in HTML and Javascript).

The
thing to make sure is that you can't call any of the api or addEvent
methods on the iframe until the player has finished loading. As per
the example, you need to add the "onLoad" event first and then execute
your code inside of that handler.

And second, I checked link you provided, and it loads fast and fine to me, so it is definitely not reason why you keep having this page loading long time

CasperJS and 'Unsafe JavaScript attempt to access frame with URL' error

Recent PhantomJS (1.9.8) introduced this error message. It doesn't cause any real issue, other than confusing log lines when quiting PhantomJS.

It is fixed in unreleased 1.9 branch:
https://github.com/ariya/phantomjs/pull/12720

Youtube Unsafe JavaScript attempt to access frame with URL

The underlying issue is http://code.google.com/p/chromium/issues/detail?id=17325

Once that's resolved, the warnings in the JavaScript console on pages that use the YouTube iframe embed should go away—certainly for Chrome, and I believe for Safari as well.

Unsafe JavaScript attempt to access frame with URL (same domain!)

file:/// URLs are subject to a slightly different javascript security policy to the normal same origin policy that applies to hosted content. In order to stop a saved web page from being able to read the entire contents of your disk, different files are seen as different origins. Just fire up a local server and host your content on that; you will fall back to the "standard" policy where origins are defined by domain/ip.

If for some reason you can't run a web server, you may get some mileage out of the
command line switch: --allow-file-access-from-files. I believe this has the affect of making all file:/// URLs to be defined as belonging to the same origin.

Debugging unsafe javascript attempt to access frame with URL ...

If you own all of the pages (the containing document and the iframe document) just stick some javascript in each of them to allow them to communicate happily:

document.domain = 'myDomain.com';