Is there a way to get the HTML source of a document after loading with Webview?
I tried something like:
web:eval('document.documentElement.outerHTML')
but with no success...
HTML source
Beware that the Webview:eval() method return a Task, so you have to wait for it to finish to get the result, like this :
local html = await(wv:eval("document.documentElement.outerHTML"))I also tried that, but the await does not return, it seems that the task remains in sleeping status (I'm on 1.9.0)
- Edited
This is my test:
require 'webview'
local win = ui.Window('web test', 'dialog', 300, 200)
local web = ui.Webview(win, '', 0, 0, 300, 200)
web.align = "all"
function web:onReady()
web.url = 'https://wttr.in'
print('ready')
end
function web:onLoaded(success, status)
print('onLoaded', success, status)
html = await(web:eval('document.documentElement.outerHTML'))
print(html)
end
win:show()
while win.visible do
ui.update()
end- Edited
Yes that's because you are awaiting the Task inside an ui event.
It's part of a major bug described here : [Login to see the link]
I have it fixed internally, it will be available in final LuaRT 1.9.0 release
ok, I will wait for final 1.9.0
Samir added the Bug report tag .
23 days later
I checked with final 1.9.0 and the issue seems solved.
Now I have another issue.
When calling some remote service APIs from a page generated with loadstring() I got the following error in the browser (webview) devtools console:
"Uncaught (in promise) SecurityError: Failed to read the 'localStorage' property from 'Window': Access is denied for this document."
Any idea? How can I enable access ?
It's not a bug, and it's not related to LuaRT.
It's known security lock from Chrome based web clients (like MS Webview2 used by LuaRT).
Try to use an html page on disk it should work
I tried the local file, but still there's an issue:
Access to fetch at '[Login to see the link]:... from origin 'null' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value '[Login to see the link]' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Can you try with a Virtual Host ?
The CORS policy is a security feature that exposes to attack when disabled.
More info on this here : [Login to see the link]
Can you post a minimal example that reproduces this with cross origins requests (ie requests between local page and a distant api ?)
Sorry but I'm using a specific service through their SDK and my own secret credentials, I do not think it would be feasible and helpful. I also tried to load the same page from a local Web server but same failure.
- Edited
Ok don't worry i can reproduce it
You should read this : [Login to see the link]
It's a common problem. It's dangerous to use distant content to be executed localy.
I will see if it's possible to provide a way possible to bypass CORS policy if needed
Many thanks! To clarify more the context, my goal would be to use LuaRT to develop Windows clients that call remote services through REST APIs or their own client SDKs, but so far this looks difficult due to the many security aspects.
Actually I would like to use the Webview object only to integrate web contents and directly rely on your nice "net" module functions for REST APIs. But currently Webview seemed useful to bypass some constraints.
- Edited
I have some good news, I have tried to disable CORS policy for the Webview widget, and it works. If everything works as expected, it will be available in next LuaRT release
Great! When do you plan to release it?