Skip to content

To automate iFrames in iOS Devices

This example demonstrates how to automate the iFrames in iOS mobile devices.

An IFrame (Inline Frame) is an HTML document that is embedded inside another HTML document on a website. The IFrame HTML element is often used to insert content from another source, such as an advertisement, into a Web page.
An iframe is used to display a Web page within a Web page.

How to identify the iframe:

You can identify the iframes in the below two ways by inspecting the element:

  • On right-clicking on the element, if there is a **tag** name available with **'iframe'**, then the element is said to be in a frame.
  • Right-clicking on the page and if you find any options available with the following in the context menu, then the element is said to be available in frames.
    1. View frame source
    2. Reload frame
    3. This frame

Automating iframe in iOS mobile devices

Due to the nature of how the Appium works, along with some restrictions imposed by Apple, there are few limitations you should be aware of before automating iFrames in iOS devices using Worksoft SaaS.
You can automate iframes that follow the same-origin policy but you cannot automate the iframes which follow Cross-Origin Resource Sharing (CORS).

Cross-Origin Resource Sharing (CORS)

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, or port) from its own.
An example of a cross-origin request: the front-end JavaScript code served from https://domain-a.com uses XMLHttpRequest to make a request for https://domain-b.com/data.json.

For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts. For example, XMLHttpRequest and the Fetch API follow the same-origin policy. This means that a web application using those APIs can only request resources from the same origin the application was loaded from unless the response from other origins includes the right CORS headers.

Same Origin Policy

The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors.
The same-origin policy prevents Appium from automating iFrames that have a different domain to the parent.

You can use the below workaround to automate iframes in the iOS mobile devices.

Solution:

# Command Target Value
Store the src attribute of the iframe
1 storeAttribute iframe@src sourceUrl   
Open the source URL of the iframe
2  open ${sourceUrl}  
Perform required actions in the page
3 assertElementPresent //img[@alt='Worksoft SaaS']  
Navigate to the main window
4 goBack    

Feedback and Knowledge Base