473,500 Members | 1,967 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Subdomain Ajax script denied access to primary domain

Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org

In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />

Anyone know how to get around this issue or tell me what I'm doing that
is wrong?

Name of test page:
http://thepatsyreport.arnb.org/indexx.php
The error can be created by clicking on the find icon after a band name.
(Looks like a magnifying glass)

Errors from Firefox console.(original directory name changed to
xxxxxxxxxx) As expected this also fails in IE7, Safari, and Opera

Security Error: Content at http://thepatsyreport.arnb.org/indexx.php may
not load data from
http://www.arnb.org/xxxxxxxxxx/Exter...&1219330078689.

Error: uncaught exception: [Exception... "Access to restricted URI
denied" code: "1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)"
location: "http://www.arnb.org/xxxxxxxxxx/External.js Line: 35"]
Thank you
Arn
Aug 21 '08 #1
6 2032
totalstranger wrote:
Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org
Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />
This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.
Anyone know how to get around this issue
You cannot, short of compromising your system's security.
or tell me what I'm doing that is wrong?
Posting like a luser.

<http://catb.org/~esr/faqs/smart-questions.html>
PointedEars
--
Prototype.js was written by people who don't know javascript for people
who don't know javascript. People who don't know javascript are not
the best source of advice on designing systems that use javascript.
-- Richard Cornford, cljs, <f8*******************@news.demon.co.uk>
Aug 21 '08 #2
On or about 8/21/2008 3:50 PM, it came to pass that Thomas 'PointedEars'
Lahn wrote:
totalstranger wrote:
>Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org

Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
>In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />

This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.
The base statement is not javascript a-hole, anyone proficient with HTML
would know that.
>
>Anyone know how to get around this issue

You cannot, short of compromising your system's security.
That's what document.domain is supposed to get around, however is
appears after additional reading it only works with Iframes.
>
>or tell me what I'm doing that is wrong?

Posting like a luser.
Learn to spell you schmuck.
>
<http://catb.org/~esr/faqs/smart-questions.html>
PointedEars
The problem with posting on groups like this is the a-hole/loosers who
choose to attack and diminish people who ask questions the
a-hole/loosers don't appreciate or feel they are above responding to in
a respectful manner.

Get a life.

You are officially plonked here, turd-blossom.
Aug 21 '08 #3
totalstranger wrote:
[...] Thomas 'PointedEars' Lahn wrote:
>totalstranger wrote:
>>Using an AJAX Javascript function that works fine if it's in the primary
domain www.arnb.org, but suffers from a security error when attempted
from a subdomain, thepatsyreport.arnb.org
Works as designed. RTFM, RTFFAQ (<http://jibbering.com/faq/>), STFW.
>>In the subdomain HTML I have a base statement, and set document.domain
to 'arnb.org' with Javascript
<base href="http://www.arnb.org" />
This is either a borken HTML fragment, or an XHTML fragment. It is
certainly not "Javascript", whatever you imagine that to be.

The base statement is not javascript a-hole, anyone proficient with HTML
would know that.
The `base' element is not a statement, as (X)HTML is a markup language and
not a programming language. Anyone with a minimum clue about (X)HTML would
know that.
[...]
You are officially plonked here, turd-blossom.
YMMD.
PointedEars
--
Use any version of Microsoft Frontpage to create your site.
(This won't prevent people from viewing your source, but no one
will want to steal it.)
-- from <http://www.vortex-webdesign.com/help/hidesource.htm>
Aug 21 '08 #4
totalstranger meinte:
>...luser...

Learn to spell you schmuck.
...loosers...
Now, that's funny.
--
http://photo.gregorkofler.at ::: Landschafts- und Reisefotografie
http://web.gregorkofler.com ::: meine JS-Spielwiese
http://www.image2d.com ::: Bildagentur für den alpinen Raum
Aug 21 '08 #5
On or about 8/21/2008 6:41 PM, it came to pass that Gregor Kofler wrote:
totalstranger meinte:
>>...luser...

Learn to spell you schmuck.
>...loosers...

Now, that's funny.

While not exactly the word I was seeking, it seems to fit PointedEars
quite well.

http://www.merriam-webster.com/dictionary/looser

4 a: lacking in restraint or power of restraint <a loose tongueb:
lacking moral restraint : unchaste c: overactive; specifically : marked
by frequent voiding especially of watery stools <loose bowels>

Aug 21 '08 #6
totalstranger wrote:
On or about 8/21/2008 6:41 PM, it came to pass that Gregor Kofler wrote:
>totalstranger meinte:
>>>...luser...

Learn to spell you schmuck.
>>...loosers...

Now, that's funny.

While not exactly the word I was seeking, it seems to fit PointedEars

FYI
<url: http://en.wikipedia.org/wiki/Luser >

Andrew Poulos
Aug 22 '08 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
4
5037
can someone explain the cross domain security re AjAX in IE?
by: Adrian | last post by:
can someone explain the cross domain security re AJAX in IE? I have a page that calls a web service (WS) from another domain (the target browser is only IE6) and displays it's results! all works...
Javascript
11
8563
Parsing iframe's XML in JavaScript (AJAX trick?)
by: vunet.us | last post by:
Since XMLHTTP Request does not support loading of XML from other servers, I decided to use a trick: load XML into hidden iframe and then get that XML with JavaScript to parse. But, is this a good...
Javascript
3
19826
problem with IE and (ajax) file upload via iframe: javascript error access denied/zugriff verweigert
by: markus.rietzler | last post by:
i want to do (multiple) file upload(s) and display a progress bar. with firefox and safari it is no problem at all. only IE makes some problems. my script is based on ajax-uploader, which can be...
Javascript
2
1972
tolkienarda
reading subdomain
by: tolkienarda | last post by:
hi all i have a wildcard subdomain that will redirect all subdomains to one page. this page is a php script that will read the what subdomain they entered and if it is valid it will redirect to...
PHP
8
2789
I need a subdomain service like kickme.to
by: stiv | last post by:
I want to give users of my site the option to register for a subdomain redirection service. I scanned the Internet for some script, but didn't really find anything that works. Tried the PHP script...
PHP
2
8823
AJAX + Webserivces = error 12030
by: kpg | last post by:
I have an AJAX enabled web service consumed by an AJAX enabled web app, given a zip code it returns the city and state. Tested the web service, it works fine. I created a services collection...
ASP.NET
0
1280
Access denied when viewing an ajax web page in outlook.
by: Jeremy | last post by:
If I create a folder in outlook and give it a homepage url to an ajax asp.net page I've developed, I get ajax errors on my page when viewed in outlook. If I click on a button in an update panel...
ASP.NET
2
2090
Iframes and getting their current URL within Subdomain
by: RyanRitten | last post by:
Hey all, Quick question. My website is : http://mywebsite:1234 and I load into an IFRAME this url : http://anotherwebsite:2828
Javascript
3
3498
Ajax not working in mozilla
by: sarika | last post by:
Hi all I m making a website in which i have used ajax technology . When i make a page request throght ajax it works fine in IE but giving problems in Mozilla .In mozila i m getting 403 status code...
PHP
0
7136
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
7018
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
7232
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6906
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
7397
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
4611
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
C# / C Sharp
0
3106
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
1430
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
1
672
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us