422,530 Members | 1,048 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 422,530 IT Pros & Developers. It's quick & easy.

how to resolve for permission denied when accessing any object using parent. using javascript?

P: n/a
Hi Gurus,
I belive this has been asked several times with its own twist. Still
after reading newsgroup and KB articles like 241754,I am clouded, with
options. Please help in giving me direction.

The scenario is of two different web servers. The parent frame (html
page orginates from server 1) has script like
function x1()
{
.....
alert('parent invoked');
....
}

Inside child frame (html orginates from server 2) the html refers to
parent script like
{
.....
parent.x1();
....
}

It throws Microsoft Jscript runtime error: permission denied. I am
using IE based on WinCE 4.2 version platform.
Thanks
Wave...

Jan 6 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a

whidbeywave wrote:
The scenario is of two different web servers. The parent frame (html
page orginates from server 1) has script like
alert('parent invoked');
Inside child frame (html orginates from server 2) the html refers to
parent script like
parent.x1();


If you somehow manage to get this to work, please report it to browser
developers so they could patch it because it would be a security hole.
Essentially, you're attempting to perform cross-site scripting, basics
of cross-site scripting attack, one of more dangerous ones.

Jan 6 '06 #2

P: n/a
whidbeywave wrote :
Hi Gurus,
I belive this has been asked several times with its own twist. Still
after reading newsgroup and KB articles like 241754,I am clouded, with
options. Please help in giving me direction.

DOM:window.open FAQ:
"I can not access the properties of the new secondary window. I always
get an error in the javascript console saying "Error: uncaught
exception: Permission denied to get property <property_name or
method_name>. Why is that?"
http://developer.mozilla.org/en/docs...indow.open#FAQ

Cross-domain script security restriction:
http://www.mozilla.org/projects/secu...me-origin.html

Gérard
--
remove blah to email me
Jan 7 '06 #3

P: n/a
On 2006-01-06, whidbeywave <in*********@yahoo.com> wrote:
Hi Gurus,
I belive this has been asked several times with its own twist. Still
after reading newsgroup and KB articles like 241754,I am clouded, with
options. Please help in giving me direction.

The scenario is of two different web servers. The parent frame (html
page orginates from server 1) has script like
function x1()
{
....
alert('parent invoked');
...
}

Inside child frame (html orginates from server 2) the html refers to
parent script like
{
....
parent.x1();
...
}

It throws Microsoft Jscript runtime error: permission denied. I am
using IE based on WinCE 4.2 version platform.
Thanks
Wave...


good. it's working coprrectly.

to get past the security you will need to serve the child page from the
same server as the parent page.
--

Bye.
Jasen
Jan 8 '06 #4

P: n/a
Thank you folks... I was able to solve by converting the main html page
into HTA application.
It runs as fully trusted application with frames and iframes. Here is
the link to follow it
http://msdn.microsoft.com/library/de...bjects/hta.asp
Thanks
Wave...

Jan 16 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.