Reading the following doc: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Content_scripts#Cross-domain_privileges I get the impression that, using a content script, I should be able to get access to the document in a web page's iframe, even if the src for the iframe is in another domain, as long as I have provided sufficient permissions. However, with "permissions": [ "<all_urls>"], set in my manifest, I am unsuccessful, with iframe.contentDocument == null, or I get errror: "Permission denied to access property "document" on cross-origin object".