Starting with mabl Desktop App version 2.11.0, accessibility checks can now scan all iframes, including iframes with CORS disabled. This update makes it easier to check for violations on a page that has many iframes, particularly if you don't have control over whether or not the iframes have CORS enabled.
Previously, if an iframe on the page didn’t have CORS enabled, a “page-level” accessibility check wouldn’t be able to include that iframe in the check.
Bypass CORS
By default, accessibility checks do not scan iframes that have CORS disabled. To evaluate every iframe in the accessibility check, even if CORS is disabled in the iframe, toggle on Bypass CORS in advanced settings.
The new Bypass CORS toggle
Disabling rules
When Bypass CORS is enabled, rules disabled under Disable certain rules are only applied to the main frame, not to iframes.
If you wish to disable certain rules for iframes with Bypass CORS enabled, add them as a comma-separated list to the Disable these rules on all iframes input. For example, if the page includes a third-party iframe that violates the color-contrast
rule, you can configure the check to exclude the color-contrast
rule for iframes.
Updated targets
As part of this change, we've also updated the targets for accessibility checks. Previously, you could set the target to "page" or "element". Now, the available targets for accessibility checks are as follows:
- Current frame (default): checks the frame in focus and any associated iframes that are eligible to be checked
- Page: checks the full page, including all eligible iframes. If the accessibility check occurs after the test has switched context into an iframe, this check will still scan the full page and all eligible iframes.
- Element: checks accessibility at the element level. Element-level checks are appropriate when you have different accessibility standards for specific elements.
For more information on accessibility checks, check out the docs.