Solved

MSXML2.XMLHTTP fails in Windows 2003 but works OK in Windows 2000. How dow I fix this problem on the 2003?

Posted on 2004-08-10
10
1,619 Views
Last Modified: 2008-01-09
In my code I have a postXML java script function that works OK when my code is executed on a Windows 2000 server with IIS 5.0, however the same code does not work on a Windows 2003 server that  comes with iIIS 6.0 and msxml4 (sp 4) installed. Is this a 2003 setup/security problem, or, it is a java script problem?

function postXML (url, xmlDocument) {
   var httpRequest;
   try {
      httpRequest = new ActiveXObject('Msxml2.XMLHTTP');
      httpRequest.open('POST', url, false);
      httpRequest.send(xmlDocument);
      return httpRequest;
      }
   catch (e) {
     alert("(IE) - " + e);
     return null;
     }
   }      
</script>

I am not very familiar with Windows  2003, so please advise accordingly!
0
Comment
Question by:ablazso
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 26

Assisted Solution

by:rdcpro
rdcpro earned 230 total points
ID: 11762976
Ths is most certainly due to the fact that 2003 installs with very strict security.  I'm not sure exactly what your scenario is.  Are you running this code server-side (as in ASP or ASP.NET), or is this running in IE6 on the Windows 2003 box?  The server and client security models are different.  Also, the URL you are posting to, and the URL that serves the page must be from the same domain.  I'm assuming this is client-side code, because you're using the client-side version of the object.  In that case, I'm wondering why you're doing this on a server.   IE 6 is locked down pretty tight on Win2k3.

Regards,
Mike Sharp
0
 

Author Comment

by:ablazso
ID: 11764012
Yes my whole program is written in html and java script.  It was  running on a Linux server very well , but because I changed it  to convert the output to PDF, now with an embedded font, I decided to put it on our 2003 server that has a windows based HTML to PDF conversion routine. The PDF must be delivered to the client, so it may be printed.  Can you suggest me a better alternative? Would you like to any other part of this program?
0
 
LVL 26

Assisted Solution

by:rdcpro
rdcpro earned 230 total points
ID: 11765652
Well, the Msxml2.XMLHTTP object runs in Internet Explorer's security context, and is based on wininet.  You might try switching to the ServerXMLHTTP request object, which runs using winhttp, and has a separate TCP/IP stack.  It's also a lot more flexible.  But this is only a good idea if the javascript is actually running on the server, like for example it was running under windows scripting host.  But if I understand things, the client downloads an HTML page, which contains this javascript, and this is running under the client's browser, isn't it?  That means it's executing on the client operating system, not your server.  In which case, I'd look for cross-domain security issues if the URL points to a different machine than your Windows 2003 server.

Regards,
Mike Sharp
0
Stressed Out?

Watch some penguins on the livecam!

 

Author Comment

by:ablazso
ID: 11767496
Yes, you are correct the java scrip runs on the client's browser, but it works correctly, as is, if it is from the Linux server or Windows 2000 server. I would leave the program on either of these, if it were not for the HTML to PDF conversion with embedded fonts I absolutely must have. Would you like to see the two html programs? I am willing to e-mail it to you or use whatever delivery means you prefer!@
0
 
LVL 26

Assisted Solution

by:rdcpro
rdcpro earned 230 total points
ID: 11768069
I guess it's worth a try.  Zip them up and email them to rdcpro@hotmail.com

Regards,
Mike Sharp
0
 
LVL 53

Assisted Solution

by:COBOLdinosaur
COBOLdinosaur earned 20 total points
ID: 11768568
Could be a version issue Try these:
      new ActiveXObject("Microsoft.XMLHTTP");
or
      new ActiveXObject("MSXML2.XMLHTTP.4.0");

Cd&
0
 

Author Comment

by:ablazso
ID: 11768691
Ok, I shall!
Unfortunatelly, the server is down for some software and hardware upgrage today!
0
 
LVL 26

Assisted Solution

by:rdcpro
rdcpro earned 230 total points
ID: 11768946
I thought about that possibility, but the code executes on the client.  

I would stay away from Microsoft.XMLHTTP as it's quite old.

Regards,
Mike Sharp
0
 

Author Comment

by:ablazso
ID: 11769759
OK I am willing to...! But what should I replace it with? Can you point me to some write-up or documentation on some newer stuff?
On the other hand, my simplistic programs works just fine!  Why finx if it ain't broke?
0
 
LVL 26

Accepted Solution

by:
rdcpro earned 230 total points
ID: 11778243
Yes, I’m pretty certain it’s a cross-domain data access problem, and it wouldn’t matter whether it was Win2k3 or some other machine. You can find out for sure by modifying your browser settings to prompt for cross-domain access.  

You can visit this page:
http://rdcpro.com/Members/rdcpro/tools/

where I’ve placed a tool that uses an XMLHTTP request to retrieve (by default) the Google home page.  If you have “prompt” enabled, when you click “Load HTML” you’ll see a popup that says:

“This page is accessing information that is not under its control.  This poses a security risk. Do you want to continue?”

If you answer no, or if you have cross-domain data access disabled, you’ll see a differnt dialog that's generated by my code in a try-catch block.

In order to fix this, you’ll have to put some server-side code on the Win2k3 box.  This will make a server-side XMLHTTP request using the ServerXMLHTTPRequest object, passing the credentials to the Linux box, and retrieve the session cookie that the linux box returns (or whatever it does to authenticate the browser).  Then you can explicitly set this on the response to the client.  It’s a pain, but I think it’s the only realistic approach.  Essentially you have to aggregate all the service calls to the Win2k3 box.  

There *might* be some DNS trickery you can use, though.  It seems to me here at work we used DNS to make the browser think a request was coming from our domain…It’s worth looking into.

Regards,
Mike Sharp
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Browsing the questions asked to the Experts of this forum, you will be amazed to see how many times people are headaching about monster regular expressions (regex) to select that specific part of some HTML or XML file they want to extract. The examp…
I was working on a PowerPoint add-in the other day and a client asked me "can you implement a feature which processes a chart when it's pasted into a slide from another deck?". It got me wondering how to hook into built-in ribbon events in Office.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question