When session replay is enabled, and a iframe is rendered on Mac Safari browser, a "blocked frame" error (per the title) appears, e.g.:

[Error] Blocked a frame with origin "https://localhost:3000" from accessing a frame with origin "https://js.stripe.com". Protocols, domains, and ports must match.
serializeNodeWithId (rrweb-record-7RRQZYYR.js:1166)
serializeNodeWithId (rrweb-record-7RRQZYYR.js:1249)
serializeNodeWithId (rrweb-record-7RRQZYYR.js:1249)
serializeNodeWithId (rrweb-record-7RRQZYYR.js:1249)
takeFullSnapshot$1 (rrweb-record-7RRQZYYR.js:12032)
init (rrweb-record-7RRQZYYR.js:12220)
record (rrweb-record-7RRQZYYR.js:12225)
(anonymous function) (@amplitude_plugin-session-replay-browser.js:4148)
step (chunk-JKUCZERB.js:125)
fulfilled (chunk-JKUCZERB.js:49)

I tried all sorts of ways to block session replay using the privacyConfig.blockSelector, but none work, probably due to the way iframes are injected into the page.

Is there a way to block specific iframes by provider (e.g. stripe, firebase) via configuration that I'm missing?

Btw, Sentry (which also uses rrweb for session recording) used to have the same issue. It looks like they handled the issue by not attaching load event listeners to block blocked frames.

My environment:

• Most current Safari, React, Amplitude and Stripe versions as of August 2025.