By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
435,028 Members | 1,784 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 435,028 IT Pros & Developers. It's quick & easy.

Subdomain Ajax script denied access to primary domain

P: n/a
Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org

In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />

Anyone know how to get around this issue or tell me what I'm doing that
is wrong?

Name of test page:
http://thepatsyreport.arnb.org/indexx.php
The error can be created by clicking on the find icon after a band name.
(Looks like a magnifying glass)

Errors from Firefox console.(original directory name changed to
xxxxxxxxxx) As expected this also fails in IE7, Safari, and Opera

Security Error: Content at http://thepatsyreport.arnb.org/indexx.php may
not load data from
http://www.arnb.org/xxxxxxxxxx/Exter...&1219330078689.

Error: uncaught exception: [Exception... "Access to restricted URI
denied" code: "1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)"
location: "http://www.arnb.org/xxxxxxxxxx/External.js Line: 35"]
Thank you
Arn
Aug 21 '08 #1
Share this Question
Share on Google+
6 Replies


P: n/a
totalstranger wrote:
Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org
Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />
This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.
Anyone know how to get around this issue
You cannot, short of compromising your system's security.
or tell me what I'm doing that is wrong?
Posting like a luser.

<http://catb.org/~esr/faqs/smart-questions.html>
PointedEars
--
Prototype.js was written by people who don't know javascript for people
who don't know javascript. People who don't know javascript are not
the best source of advice on designing systems that use javascript.
-- Richard Cornford, cljs, <f8*******************@news.demon.co.uk>
Aug 21 '08 #2

P: n/a
On or about 8/21/2008 3:50 PM, it came to pass that Thomas 'PointedEars'
Lahn wrote:
totalstranger wrote:
>Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org

Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
>In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />

This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.
The base statement is not javascript a-hole, anyone proficient with HTML
would know that.
>
>Anyone know how to get around this issue

You cannot, short of compromising your system's security.
That's what document.domain is supposed to get around, however is
appears after additional reading it only works with Iframes.
>
>or tell me what I'm doing that is wrong?

Posting like a luser.
Learn to spell you schmuck.
>
<http://catb.org/~esr/faqs/smart-questions.html>
PointedEars
The problem with posting on groups like this is the a-hole/loosers who
choose to attack and diminish people who ask questions the
a-hole/loosers don't appreciate or feel they are above responding to in
a respectful manner.

Get a life.

You are officially plonked here, turd-blossom.
Aug 21 '08 #3

P: n/a
totalstranger wrote:
[...] Thomas 'PointedEars' Lahn wrote:
>totalstranger wrote:
>>Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org
Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
>>In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />
This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.

The base statement is not javascript a-hole, anyone proficient with HTML
would know that.
The `base' element is not a statement, as (X)HTML is a markup language and
not a programming language. Anyone with a minimum clue about (X)HTML would
know that.
[...]
You are officially plonked here, turd-blossom.
YMMD.
PointedEars
--
Use any version of Microsoft Frontpage to create your site.
(This won't prevent people from viewing your source, but no one
will want to steal it.)
-- from <http://www.vortex-webdesign.com/help/hidesource.htm>
Aug 21 '08 #4

P: n/a
totalstranger meinte:
>...luser...

Learn to spell you schmuck.
...loosers...
Now, that's funny.
--
http://photo.gregorkofler.at ::: Landschafts- und Reisefotografie
http://web.gregorkofler.com ::: meine JS-Spielwiese
http://www.image2d.com ::: Bildagentur für den alpinen Raum
Aug 21 '08 #5

P: n/a
On or about 8/21/2008 6:41 PM, it came to pass that Gregor Kofler wrote:
totalstranger meinte:
>>...luser...

Learn to spell you schmuck.
>...loosers...

Now, that's funny.

While not exactly the word I was seeking, it seems to fit PointedEars
quite well.

http://www.merriam-webster.com/dictionary/looser

4 a: lacking in restraint or power of restraint <a loose tongueb:
lacking moral restraint : unchaste c: overactive; specifically : marked
by frequent voiding especially of watery stools <loose bowels>

Aug 21 '08 #6

P: n/a
totalstranger wrote:
On or about 8/21/2008 6:41 PM, it came to pass that Gregor Kofler wrote:
>totalstranger meinte:
>>>...luser...

Learn to spell you schmuck.
>>...loosers...

Now, that's funny.

While not exactly the word I was seeking, it seems to fit PointedEars

FYI
<url: http://en.wikipedia.org/wiki/Luser >

Andrew Poulos
Aug 22 '08 #7

This discussion thread is closed

Replies have been disabled for this discussion.