473,387 Members | 1,481 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > javascript > questions > need assistance reinventing the wheel.....

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Need assistance reinventing the wheel.....

jim
I know it is stupid. I know browsers have this capability built in. I
know. I know. I know.

Still, is there a way to use javascript to enforce the same type of
cross-domain blocking that browsers implement, on pages from the same
server?

Let's say that I have several different pages on the same server - same
domain - but are authored by different people. I want to make sure that
one page cannot be used to see or manipulate another page on the same
server and domain - even if one page loads another in a frame.

Again, I know that this has been done in browsers for different domains.
My need is slightly different in that I want to prevent cross-page
scripting in the same domain on the same server without turning off
javascript completely.

Any help would be greatly appreciated.

jim
Oct 24 '08 #1
2 1012
On 2008-10-25 00:42, jim wrote:
Let's say that I have several different pages on the same server - same
domain - but are authored by different people. I want to make sure that
one page cannot be used to see or manipulate another page on the same
server and domain - even if one page loads another in a frame.
As far as I know, this isn't possible (unless you're using different
ports, or a different protocol). You can't use the browser to enforce
the separation, and a script that has total access to a document in
another frame can do whatever it wants there. Not even "private" values
in closures are safe.

You'll want to use different subdomains, at least. That will
automatically protect your scripts through the "same origin" policy in
(current) web browsers. Be careful how you set your cookies, though.
- Conrad
Oct 25 '08 #2
On Oct 24, 6:42 pm, jim <j...@home.netwrote:
I know it is stupid. I know browsers have this capability built in. I
know. I know. I know.

Still, is there a way to use javascript to enforce the same type of
cross-domain blocking that browsers implement, on pages from the same
server?
This is easily accomplished in an http handler for apache or IIS. If
it is possible at all with client side javascript, it would be a
kludge.

Bob
Oct 27 '08 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
php my admin - reinventing the wheel - mysql front-end
by: windandwaves | last post by:
Hi Folk I am an PHP novice. Right now, I am redeveloping the wheel by creating my own type of PHP MyAdmin tool for my clients so that they can manage some data. A good exercise, but probably...
PHP
45
need help on generator...
by: Joh | last post by:
hello, i'm trying to understand how i could build following consecutive sets from a root one using generator : l = would like to produce : , , , ,
Python
10
I Need Motivation Part 2
by: blah | last post by:
i m currently in a network (LAN). i started python because i heard that it has great ability for networking programs and/or scripts, but i m losing my motivation with python because there are sooo...
Python
19
Need better argument for using bound forms
by: James Fortune | last post by:
I have a lot of respect for David Fenton and Allen Browne, but I don't understand why people who know how to write code to completely replace a front end do not write something that will automate...
Microsoft Access / VBA
34
need a code sample for bubble sort
by: Mark Kamoski | last post by:
Hi-- Please help. I need a code sample for bubble sort. Thank you. --Mark
C# / C Sharp
2
Reinventing the Wheel (or ListDictionary)
by: Doug | last post by:
Not that I'd actually do this... but knowing the answer would give me a bit more understanding of the .NET Framework and the base class libraries - specifically how things work in relation to my...
C# / C Sharp
1
Integration between two systems w/o reinventing the wheel
by: Graham Smith | last post by:
Hi, I'd like to write a little bidirectional connector, which should sync data between two systems. Are there any components which I can use for this purpose, without reinvening the wheel? ...
C# / C Sharp
16
Still Need desperate help to start with ASP NET - simplified problems - HELP!!
by: pamelafluente | last post by:
I am still working with no success on that client/server problem. I need your help. I will submit simplified versions of my problem so we can see clearly what is going on. My model: A client...
ASP.NET
7
e-commerce site - need advice
by: John Paul | last post by:
I'm thinking of building an e-commerce site in php. Anyone got any advice in building one? What is the best way to implement a payment system? Are any legal issues involved? Thanks,
PHP
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!