?
Solved

Cross Domain IFrame Access Denied

Posted on 2007-03-26
2
Medium Priority
?
932 Views
Last Modified: 2013-12-08
My question is what constitutes cross domain in IE7 and what can trigger it?  I'm trying to use ASP.NET Ajax preferably without having to edit the .js files myself.  We are using IFrames... the main site is:

Main Site:  portal.mydomain.com
IFramedPage:  mywebsite.mydomain.com:8002

I thought these would be in the same domain but I'm still getting IE7 'Access Denied' errors (mywebsite.mydomain.com works fine when it's not in an IFrame).  I have a blog entry to fix the issue but I need to know the following two questions

Questions:

1.)  Are those not in the same domain?
2.)  What the definition of the same domain in IE7 because I apparantly don't know it.
0
Comment
Question by:IUFITS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 5

Accepted Solution

by:
epochasset earned 1000 total points
ID: 18794641
Hi Iufits,

To my knowledge it would be the same host that the domain resolves to (and same port).

Think of this model.

mywebsite.mydomain.com  (.com is the first level of the domain, mydomain is the second level, and mywebsite is the third).

These are technically two different third level domains (while their the same second and first, etc).

This error may not clearly indicate its presense though.

Check into the following two links and see if anything there may help.  Good luck.

http://weblogs.asp.net/bleroy/archive/2007/01/31/how-to-work-around-the-quot-access-denied-quot-cross-domain-frame-issue-in-asp-net-ajax-1-0.aspx

http://blogs.msdn.com/delay/archive/2007/02/05/safely-avoiding-the-access-denied-dialog-how-to-work-around-the-access-denied-cross-domain-iframe-issue-in-the-ajax-control-toolkit.aspx
0
 
LVL 2

Assisted Solution

by:alfredwhang
alfredwhang earned 1000 total points
ID: 18798894
this is more commonly known as cross site scripting or XSS.  go wiki on it.  doesn't matter how you do it so long as your page refers to two or more different sources then you will have trouble with any secured browser.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Several part series to implement Internet Explorer 11 Enterprise Mode
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question