Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 748
  • Last Modified:

Prevent Blocking asp.net page calling from asp page

Dear friends,

I have a ASP web application which is calling a asp.net application page.

In the asp.net page I am interacting a webservice and updating the database.

For example : My ASP Application website is rajaASP and the asp.net website name is rajaWS.

When I call the \\localhost\rajaASP\exportData.asp  page, it will popup  the \\localhost\rajaWS\exportThruWebservice.aspx.

And once the export process done thru Webservice it will terminate automatically.

This is working fine in my local webserver with domain name and with IP addess instead of localhost.

But when I checked with my friends machine , thru domain name the popup functionality is not working even we disable the popup blocker. I put the rajaWS as the trusted site also.

Anyone tell me why this happens. how to prevent it and enable the popup.

Is there any alternative way to call the aspx page without popup or invisible

Thanks.
<%@ Language=VBScript %>
<%
	Response.AddHeader "cachecontrol","private"
	Response.Expires =-1
	Response.CacheControl="no-cache"
%>
 
<!--#include file="menu.asp" -->
<!--#include file="Constants.inc" -->
 
<%
	if CStr(Session("sUserID")) = "" then
		Response.Clear 
		Response.Redirect "Signoff.asp"
	end if
	
	if Trim(Interface_DomainName) = "" then
		Response.Write "<div align='center'><font color=red><b>Interface Domain Name Required Some Value In Constant.inc File...</b></font></div>"
		Response.End 	
	End if
	
	Dim sSession_UserId
	
	sSession_UserId = Trim(UCase(Session("sUserID")))
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
	<meta http-equiv="Page-Enter" content="revealTrans(Duration=0,Transition=12)">
    <link href="library/GUI.css" rel="stylesheet" type="text/css">
    
    <Script language="JavaScript">
     var statusText;
     var iSearchType = '0';
     var sInterface_DomainName = '<%=Interface_DomainName%>';
     var sUserId = '<%=sSession_UserId%>';
    
     
	//This part is used to call the Ajax.	
	// Define a list of Microsoft XML HTTP ProgIDs.
	var XMLHTTPREQUEST_MS_PROGIDS = new Array("Msxml2.XMLHTTP.7.0",	
											  "Msxml2.XMLHTTP.6.0",
											  "Msxml2.XMLHTTP.5.0",
											  "Msxml2.XMLHTTP.4.0",
											  "Msxml2.XMLHTTP.3.0",
											  "Msxml2.XMLHTTP",
											  "Microsoft.XMLHTTP" );
	// Define ready state constants.
	var XMLHTTPREQUEST_READY_STATE_UNINITIALIZED = 0;
	var XMLHTTPREQUEST_READY_STATE_LOADING       = 1;
	var XMLHTTPREQUEST_READY_STATE_LOADED        = 2;
	var XMLHTTPREQUEST_READY_STATE_INTERACTIVE   = 3;
	var XMLHTTPREQUEST_READY_STATE_COMPLETED     = 4;
	
	var iRequest_Type = 0; //This will provides the type of the search (Attributes/Operators)
	//-----------------------------------------------------------------------------
	// Returns an XMLHttpRequest object.
	//-----------------------------------------------------------------------------
	function getXMLHttpRequest()
	{
		var httpRequest = null;
		// Create the appropriate HttpRequest object for the browser.
		if (window.XMLHttpRequest != null)
		{	httpRequest = new window.XMLHttpRequest(); }
		else if (window.ActiveXObject != null)
		{
			var success = false;
			for (var i=0;i < XMLHTTPREQUEST_MS_PROGIDS.length && !success;i++)
			{
				try
				{
					httpRequest = new ActiveXObject(XMLHTTPREQUEST_MS_PROGIDS[i]);
					success = true;
					break;
				}
				catch (ex)
				{}
			}
		}
		
		if (httpRequest == null)
		{alert("Error In HttpRequest():\n\nCannot create XMLHttpRequest object.");}
		return httpRequest;
	}
	
	var DataLookup = getXMLHttpRequest();
	
	function initiateDataLookup(sType,iDocumentType)
	{
		DataLookup.abort();
		var url = 'loadDropDown.asp?SearchType=' + sType + '&DocType=' + iDocumentType;
		DataLookup.onreadystatechange = DataReadyStateChange;
		DataLookup.open("GET",url,true);
		DataLookup.send(null);
	}
	
	function DataReadyStateChange()
	{
		switch (DataLookup.readystate)
		{
			case XMLHTTPREQUEST_READY_STATE_UNINITIALIZED:
					statusText = "";
					break;
			case XMLHTTPREQUEST_READY_STATE_LOADING:
					statusText = "Initializing...";
					break;
			case XMLHTTPREQUEST_READY_STATE_LOADED:
					statusText = "Sending Data.."; 		
					break;
			case XMLHTTPREQUEST_READY_STATE_INTERACTIVE:
					statusText = "Downloading Data..";
					break;
			case XMLHTTPREQUEST_READY_STATE_COMPLETED:
					try
					{
						statusText = "Data Downloaded..";
						var data = DataLookup.responseText;
						var sDescription = (data.split(':')[0]);
						var sValue       = (data.split(':')[1]);
			
						if (Trim(sDescription) == "Export Lock")
						{
							if (Trim(sValue) == "-19001")
							{
								dvParent.style.display   = 'none';
								dvMandInfo.style.display = 'none';
								dvExportStatus.style.display = 'block';
								frmExport.HDProcessStatus.value = '1';
							}
						}
						if (Trim(sDescription) == "Export Status")
						{
							if (Trim(sValue) != "0")
							{
								dvParent.style.display   = 'none';
								dvMandInfo.style.display = 'block';
								dvExportStatus.style.display = 'none';
								frmExport.HDProcessStatus.value = '1';
							}
							else
							{
								frmExport.HDProcessStatus.value = '0';
								fncProcessRequest();
							}
						}
						break;
					}
					catch(ex){
						statusText = "Error In Downloading The Data..";
						HDProcessStatus.value = '1';
					}
					break;
			default:
				statusText = "Unknown error..";
				break;
		}
		//alert(statusText)
	}
	
	function fncInitRequest()
	{
		initiateDataLookup(37,1);
		
		return false;
	}
	
	function fncYesClick()
	{
		try{
		frmExport.HDProcessStatus.value = '0';
		}
		catch(e){}
		fncProcessRequest();
		return false;
	}
 
	function fncProcessRequest()
	{
		var processStatus = "";
		try
		{ processStatus = frmExport.HDProcessStatus.value;}
		catch(e)
		{ processStatus = '0';}	
		if (processStatus != '0')
		{
			alert('Error in processing the request...');
		}
		else
		{
			var sActionPage;
			//initiateDataLookup(38,1);
			//alert(sInterface_DomainName + " : " + sUserId);
			sActionPage = "/" + sInterface_DomainName + "/exportThruWebservice.aspx?UserId=" + sUserId;
 
			anchoreInterface.href = sActionPage;
			anchoreInterface.click();
			document.location = "./exportXMLStatus.asp";
		}
		dvParent.style.display       = 'none';
		dvMandInfo.style.display     = 'none';
		dvExportStatus.style.display = 'none';
		return false;
	}
	     
 
		
	function fncNoClick()
	{
		dvParent.style.display   = 'block';
		dvMandInfo.style.display = 'none';
		dvExportStatus.style.display = 'none';
		return false;
	}		
		
	
	   // Removes leading and trailing spaces from the passed String. Also removes
	   // consecutive spaces and replaces item with one space. If something besides
	   // a String is passed in (null, custom Object, etc.) then return the input.
	   function Trim(inputString) {
	   if (typeof inputString != "string") { return inputString; }
	   var retValue = inputString;
	   var ch = retValue.substring(0, 1);
	   while (ch == " ") { // Check for spaces at the beginning of the string
	      retValue = retValue.substring(1, retValue.length);
	      ch = retValue.substring(0, 1);
	   }
	   ch = retValue.substring(retValue.length-1, retValue.length);
	   while (ch == " ") { // Check for spaces at the end of the string
	      retValue = retValue.substring(0, retValue.length-1);
	      ch = retValue.substring(retValue.length-1, retValue.length);
	   }
	   while (retValue.indexOf("  ") != -1) { // Note that there are two spaces in the string - look for multiple spaces within the string
	      retValue = retValue.substring(0, retValue.indexOf("  ")) + retValue.substring(retValue.indexOf("  ")+1, retValue.length); // Again, there are two spaces in each of the strings
	   }
	   return retValue; // Return the trimmed string back to the user
	} // Ends the "trim" function
 
 
 </Script>
 
</HEAD>
<BODY link="#004080" alink="#004080" vlink="#004080" text=Red>
<form name="frmExport" id="frmExport" method="post">
<table width="100%" height="100%">
<tr>
<td class="bodycontent" valign="top">
<a style="display:none;" name="anchoreInterface" id="anchoreInterface"></a>
 
<div id="dvParent">
	<table width=100% border=0 align=center cellpadding="0" cellspacing="0" ID="Table1">
		<tr>
			<td width=100% align=center class="pageheader"><b>Webserivce Export</b></td>
		</tr>
	</table>
 
	<table width=100% border=0 align=center cellpadding="0" cellspacing="0" ID="Table2">
		<tr>
			<td class="tablecontent" width=35%>
				<input type="button" class="cmdButtonsearch1"  value="Export through webservice" Style="Cursor:Hand;" id="btnRequest" name="btnRequest" OnClick="JavaScript: return fncInitRequest();">
			</td>
			<td class="tablecontent" width=75%>
				<input type="button" class="cmdbuttonNormal" value="Cancel" Style="Cursor:Hand;" id="btnCancel" name="btnCancel" OnClick="Javascript: document.location='./menu.asp';">
			</td>
		</tr>
	</table>	
</div>		
 
<div id="dvMandInfo">
	<br><br><br><br><br><br><br><br>
		<table width="400" border="0" align="center" cellpadding="0" cellspacing="0" ID="Table2">
		<tr>
		<td width="10%" align="left"><div align="left"><img src="Images/left.gif" width="44" height="147"></div></td>
		<td width="79%" background="Images/background.gif"><div align="center"><font size="3" face="Arial, Helvetica, sans-serif" color="#ffffff">
		<strong>Records are yet to be audited<br><br>Do you want to Continue(Y/N)?
		</Strong></font></div></td>
		<td width="11%"><img src="Images/right.gif" width="44" height="147"></td>
		</tr>
		<tr>
		<td colspan="3" background="Images/bg1.gif"><div align="center">
		<input type=button class=cmdbutton value="Yes" name=cmdYes id=cmdYes Style="Cursor:Hand" OnClick="Javascript:return fncYesClick();">
		<input type=button class=cmdbutton value="No"  name=cmdNo  id=cmdNo  Style="Cursor:Hand" OnClick="Javascript:return fncNoClick();"></div></td>
		</tr>
		</table>
</div>
 
<div id="dvExportStatus">
	<br><br><br><br><br><br><br><br>
	<div style="font-weight:bolder;" align=center>Export Process is used by some other user..</div>
</div>
</td>
</tr>
</table>
 
<input type="Hidden" id="HDProcessStatus" Name="HDProcessStatus" value="0">
</form>
</BODY>
<script>
		dvParent.style.display   = 'block';
		dvMandInfo.style.display = 'none';
		dvExportStatus.style.display = 'none';
		
</script>		
</HTML>

Open in new window

0
Rajasii
Asked:
Rajasii
1 Solution
 
Rodney HelsensCommented:
The way I undertand your issue, this is due to security in both Firefox and IE which prevents cross domain XMLHTTP calls.

There are articles available on how to get around this, I cannot say for certain what works, but here are some example reading

Bypassing XmlHttp Cross Domain Restrictions
http://www.nathanm.com/ajax-bypassing-xmlhttprequest-cross-domain-restriction/

How to make XmlHttp calls to another server in your domain
http://ajaxian.com/archives/how-to-make-xmlhttprequest-calls-to-another-server-in-your-domain

Finally, google search results
http://www.google.com/search?hl=en&safe=active&q=cross-domain+xmlhttp

0
 
RajasiiAuthor Commented:
Thanks rodnex: It made me simple.I solved the issue.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now