By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,016 Members | 2,297 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,016 IT Pros & Developers. It's quick & easy.

Cross Domain scripting error??

P: n/a
Hello;

My index.htm page (www.charlescrumesoftware.com for those interested in
looking) contains 3 frames (left = content, top right = logo, bottom right =
navigation). This domain name is registered with www.mydomain.com and is
stealth forwarded to www.ccthecomputerguy.com (where my *real* web site
currently lives). FWIW, I do this because in the 8+ years I've been on the
web, I've changed ISPs about 5 times and every change requires a new domain
(or problems transferring) and new email addresses requiring boatloads of
people to be notified. This way I have permanent web and e-mail addresses
even though I might change ISP's every six months. Anyway...

I am learning javascript and came up with an idea to adjust the sizes of the
frames primarily as a learning exercise, but also to do something useful --
a visual effect when my page starts. I've gotten everything to work on my
local machine (Win 98se and IE6) and when run directly from my *real* web
site www.ccthecomputerguy.com/index2.htm (I'm using "index2" for testing
purposes).

However, when I access the site from
www.charlescrumesoftware.com/index2.htm, I get "Error: top.frames.xxx is nil
or not an object" (at one time I was getting "Error: Access Denied" -- which
lead me to research cross domain issues on google).

However, now I'm not sure what the problem is or if there is really a "cross
domain" problem. I pretty sure the problem javascript statement is (I can
post more code if needed):

setTimeout("top.frames['xxx'].cols =" + new_params, i*delay_multiplier);

Can anyone help me out, provide some pointers/workarounds, or where to look
for more infomation?

TIA.

Charles...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.682 / Virus Database: 444 - Release Date: 5/11/04
Jul 23 '05 #1
Share this Question
Share on Google+
6 Replies


P: n/a
In article <gc****************@fe1.columbus.rr.com>, Charles Crume
says...
However, now I'm not sure what the problem is or if there is really a "cross
domain" problem. I pretty sure the problem javascript statement is (I can
post more code if needed):

setTimeout("top.frames['xxx'].cols =" + new_params, i*delay_multiplier);

Can anyone help me out, provide some pointers/workarounds, or where to look
for more infomation?


If top.frame is from a different domain, you can't set variables in it.

--
Hywel I do not eat quiche
http://kibo.org.uk/
http://kibo.org.uk/mfaq.php
Jul 23 '05 #2

P: n/a
Hi Hywel;

"Hywel" <hy**********@hotmail.com> wrote in message
news:MP************************@news.individual.ne t...
In article <gc****************@fe1.columbus.rr.com>, Charles Crume
says...
However, now I'm not sure what the problem is or if there is really a "cross domain" problem. I pretty sure the problem javascript statement is (I can post more code if needed):

setTimeout("top.frames['xxx'].cols =" + new_params, i*delay_multiplier);
Can anyone help me out, provide some pointers/workarounds, or where to look for more infomation?


If top.frame is from a different domain, you can't set variables in it.


Right, I know this, but the error message is pretty vague (for us javascript
newbies). I'm understanding most of the stuff people tell me and the stuff I
read -- but having a some difficulty in retaining it all in my head and
keeping it straight. So, if you can bear with me...

As I understand it your pretty much telling me I've got a cross domain
problem because, when www.charlescrumesoftware.com/index2.htm loads the
frames, the frame content comes from page on www.ccthecomputerguy.com and as
this is a different domain I cannot alter the frame contents. Am I correct
so far?

I've read about the document.domain property, and my understanding is that
it only work for the same domain suffix (which is not my case).

Could the initial index2.htm page load a page from www.ccthecomputerguy.com
which could then load the frames and avoid this problem?

TIA.

Charles...

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.683 / Virus Database: 445 - Release Date: 5/12/04
Jul 23 '05 #3

P: n/a
In article <Gl***************@fe1.columbus.rr.com>, Charles Crume
says...
Hi Hywel;

"Hywel" <hy**********@hotmail.com> wrote in message
news:MP************************@news.individual.ne t...
In article <gc****************@fe1.columbus.rr.com>, Charles Crume
says...
However, now I'm not sure what the problem is or if there is really a "cross domain" problem. I pretty sure the problem javascript statement is (I can post more code if needed):

setTimeout("top.frames['xxx'].cols =" + new_params, i*delay_multiplier);
Can anyone help me out, provide some pointers/workarounds, or where to look for more infomation?
If top.frame is from a different domain, you can't set variables in it.


Right, I know this, but the error message is pretty vague (for us javascript
newbies).


Is it? It's telling you that access to the variable you're after is
denied. That's pretty much it.

As I understand it your pretty much telling me I've got a cross domain
problem because, when www.charlescrumesoftware.com/index2.htm loads the
frames, the frame content comes from page on www.ccthecomputerguy.com
Yes.

and as
this is a different domain I cannot alter the frame contents. Am I correct
so far?
No. You can alter the *frame* contents (ie. load another document into
the frame) but you can't alter the content of a document that's already
in the frame if that document is from another domain.

Could the initial index2.htm page load a page from www.ccthecomputerguy.com
which could then load the frames and avoid this problem?


If they're both your domains why bother with all this cross-domain crap.
Structure the site properly and run it from the same domain.
--
Hywel I do not eat quiche
http://kibo.org.uk/
http://kibo.org.uk/mfaq.php
Jul 23 '05 #4

P: n/a
[snip]
Right, I know this, but the error message is pretty vague (for us javascript newbies).


Is it? It's telling you that access to the variable you're after is
denied. That's pretty much it.


Yes, it really is!! The message does not say access is denied *or why*, it
says "top.frames.xxx" is null or not an object (which is correct) -- but to
a newbie it *is* an object. Of course, once one understands the intricacies,
interactions, and security features of javascript (i.e., gets more and more
experience) this stuff becomes known and remembered.

[snip]
and as
this is a different domain I cannot alter the frame contents. Am I correct so far?


No. You can alter the *frame* contents (ie. load another document into
the frame) but you can't alter the content of a document that's already
in the frame if that document is from another domain.


Well, excuse me for being a little dense here, but while index2.htm is
loaded from a forwarded domain, the frame contents are loaded from the main
domain. I guess I'm just not understanding exactly what is transpiring
during this sequence of events :-( Hopefully the light will come -- and
soon I hope.
Could the initial index2.htm page load a page from www.ccthecomputerguy.com which could then load the frames and avoid this problem?


If they're both your domains why bother with all this cross-domain crap.
Structure the site properly and run it from the same domain.


I explained the reason why in my initial post. I have no idea what
"structure the site properly" means. Everything on my site WAD except this
frame issue.

Hopefully, I'll come up with a solution.

Thanks for your time and patience.

Charles...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.683 / Virus Database: 445 - Release Date: 5/12/04
Jul 23 '05 #5

P: n/a
Charles Crume wrote:
<snip>
Well, excuse me for being a little dense here, but while index2.htm is
loaded from a forwarded domain, the frame contents are loaded from
the main domain. I guess I'm just not understanding exactly what is
transpiring during this sequence of events :-( Hopefully the light
will come -- and soon I hope.

<snip>

What you re not taking into account is how the "stealth" forwarding is
done. What happens is that when a request for -
www.charlescrumesoftware.com/ ... - is made www.mydomain.com returns a
(probably dynamically generated) frameset page that only has one frame,
and that frame loads the corresponding URL from -
www.ccthecomputerguy.com -.

The effect is that when your index2.htm frameset arrives in the browser
it is itself within a frame, and that frame is the - top - frame and is
from another domain and so subject to security restrictions. However,
index2.htm and the contents of its frames are all from the same domain
so they can interact.

Your solution probably goes back to what I said earlier in the week, -
top - refers to the topmost frameset page (the one from
mydomain.com/www.charlescrumesoftware.com), but - from -
www.ccthecomputerguy.com/navigate2.htm - the - parent - reference will
refer to the immediately containing frameset page -
www.ccthecomputerguy.com/index2.htm - which is the frameset page you are
actually interested in interacting with, and is not subject to security
restrictions when accessed from navigate2.htm.

Richard.
Jul 23 '05 #6

P: n/a
Hello Richard;

I have a "light" -- still dim, but at least it's working <g>

"Richard Cornford" <Ri*****@litotes.demon.co.uk> wrote in message
news:c8*******************@news.demon.co.uk...

[snip]
What you re not taking into account is how the "stealth" forwarding is
done. What happens is that when a request for -
www.charlescrumesoftware.com/ ... - is made www.mydomain.com returns a
(probably dynamically generated) frameset page that only has one frame,
and that frame loads the corresponding URL from -
www.ccthecomputerguy.com -.
Ah-hah! This is the piece of information that has allowed me to understand
what is happening.

[snip]
Your solution probably goes back to what I said earlier in the week, -
top - refers to the topmost frameset page (the one from
mydomain.com/www.charlescrumesoftware.com), but - from -
www.ccthecomputerguy.com/navigate2.htm - the - parent - reference will
refer to the immediately containing frameset page -


Yes, yes -- I understand now what you have been telling me!!! Like I
mentioned earlier all the things you, and others, have been telling me make
sense, but keeping them in my head and making use of them has been somewhat
elusive -- I read right over what you had told me and *missed* your point.

I am making headway and want to thank you for your time, courteous
explanations, and patience.

Thanks again.

Charles...
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.686 / Virus Database: 447 - Release Date: 5/14/04
Jul 23 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.