This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes HTML, CSS and JavaScript and the fly likes Permission Denied Error Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Engineering » HTML, CSS and JavaScript
Bookmark "Permission Denied Error" Watch "Permission Denied Error" New topic
Author

Permission Denied Error

Anirvan Majumdar
Ranch Hand

Joined: Feb 22, 2005
Posts: 261
Hello,

While I am aware that both Firefox and IE have a "same domain policy" as a security measure, I write to seek some other options to implement my requirements.

The situation I have is:
We have a web application wherein a Javascript method makes an AJAX call to the server to receive XML data and then converts it into HTML content and then populates this content within DIV elements having a particular ID. (Something similar to say Google Maps.)

However the problem arises when a user of my server's functionality makes a call to the Javascript method from an HTML page operating in some other domain. The user includes the script from my domain in his/her HTML page. And thereof, when needed, the ID of the DIV element to be populated is passed to my method from that HTML page. But whenever, my method makes the AJAX call, I get the "Permission Denied" error. I have reasearched the web and realized this is a security feature in browsers.

So it will be really helpful for me if anyone can guide me an alternative way to implement this kind of a functionality.

Thanks a lot :-]
Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
Take a look at this example I wrote awhile back.

http://www.pascarello.com/examples/JsonYahooExample.html

The example sses JSON to talk to an outside server. You can see the code by viewing the source of the page or looking at it in Firebug.

Eric
Anirvan Majumdar
Ranch Hand

Joined: Feb 22, 2005
Posts: 261
Hello Eric,

The reason I want to avoid using JSON is the overheads involved in transforming the XML data into JSON. And besides, I have never worked with JSON so there would be some overheads involving time too. Is there some other simpler way in which I can continue using the AJAX call from the remote Javascript?

----------------------------
Web Server 1 = www.abc.com
----------------------------
<script src="http://www.xyz.com/js/data.js"/>

----------------------------
Web Server 2 = www.xyz.com (data.js)
----------------------------
// Makes AJAX call to application and transforms the XML data into
// HTML and then populates DIVs present in the HTML document that
// invoked it.


As of now, I keep getting the "Permission Denied" error.

Eric Pascarello
author
Rancher

Joined: Nov 08, 2001
Posts: 15376
    
    6
JSON is rather easy, it is just like XML, only in a simple form without < and > tags. Learn JSON and you learn a new and hot skill. It will take you 5 minutes to undertand it.

Goto http://json.org/ and gives you the basic information. Look at the bottom and there is info on differnet languages.

You are not going to be able to use Ajax accross domains. You already know that, so this is your only real option unless you want the people running this code to have to run a local proxy. I doubt you would want to do that.

Eric
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61066
    
  66

Actually you can run a proxy on your local server to access remote services; I went into great detail on how to do this in the Web Services chapter of Ajax in Practice.

Basically, you write a servlet (or other server-side processing unit) to access the remote service on your behalf, collect the response and relay it to your page. Because the servlet is on the server, it is not subject to the browser's cross-domain restrictions.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
Anirvan Majumdar
Ranch Hand

Joined: Feb 22, 2005
Posts: 261
@ Eric: JSON does look like a neat alternative, albeit the reluctance to change from the all too familiar XML :-/ Have started learning about JSON nonetheles.

@ Bear: Yups, have already put the proxy into place. But as things have a way to get entangled, our web app is Java based while one of the users of our services has the web app running behind an IIS server. Durned I haven't got any about IIS (totally into Tomcat and Apache) and those folks aren't particularly bright with proxies. Any pointers as to where I can get some proxy related help w.r.t IIS?

Also, any ideas as to how the folks @ Google implemented their Maps application? Is it also JSON based 'coz there's no question of proxies and it is all about cross browser scripting.

Thanks a lot to all.
[ November 16, 2007: Message edited by: Anirvan Majumdar ]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Permission Denied Error