Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Prevent Blocking asp.net page calling from asp page

Posted on 2008-06-25
2
Medium Priority
?
745 Views
Last Modified: 2010-04-21
Dear friends,

I have a ASP web application which is calling a asp.net application page.

In the asp.net page I am interacting a webservice and updating the database.

For example : My ASP Application website is rajaASP and the asp.net website name is rajaWS.

When I call the \\localhost\rajaASP\exportData.asp  page, it will popup  the \\localhost\rajaWS\exportThruWebservice.aspx.

And once the export process done thru Webservice it will terminate automatically.

This is working fine in my local webserver with domain name and with IP addess instead of localhost.

But when I checked with my friends machine , thru domain name the popup functionality is not working even we disable the popup blocker. I put the rajaWS as the trusted site also.

Anyone tell me why this happens. how to prevent it and enable the popup.

Is there any alternative way to call the aspx page without popup or invisible

Thanks.
<%@ Language=VBScript %>
<%
	Response.AddHeader "cachecontrol","private"
	Response.Expires =-1
	Response.CacheControl="no-cache"
%>
 
<!--#include file="menu.asp" -->
<!--#include file="Constants.inc" -->
 
<%
	if CStr(Session("sUserID")) = "" then
		Response.Clear 
		Response.Redirect "Signoff.asp"
	end if
	
	if Trim(Interface_DomainName) = "" then
		Response.Write "<div align='center'><font color=red><b>Interface Domain Name Required Some Value In Constant.inc File...</b></font></div>"
		Response.End 	
	End if
	
	Dim sSession_UserId
	
	sSession_UserId = Trim(UCase(Session("sUserID")))
%>
<HTML>
<HEAD>
<META NAME="GENERATOR" Content="Microsoft Visual Studio 6.0">
	<meta http-equiv="Page-Enter" content="revealTrans(Duration=0,Transition=12)">
    <link href="library/GUI.css" rel="stylesheet" type="text/css">
    
    <Script language="JavaScript">
     var statusText;
     var iSearchType = '0';
     var sInterface_DomainName = '<%=Interface_DomainName%>';
     var sUserId = '<%=sSession_UserId%>';
    
     
	//This part is used to call the Ajax.	
	// Define a list of Microsoft XML HTTP ProgIDs.
	var XMLHTTPREQUEST_MS_PROGIDS = new Array("Msxml2.XMLHTTP.7.0",	
											  "Msxml2.XMLHTTP.6.0",
											  "Msxml2.XMLHTTP.5.0",
											  "Msxml2.XMLHTTP.4.0",
											  "Msxml2.XMLHTTP.3.0",
											  "Msxml2.XMLHTTP",
											  "Microsoft.XMLHTTP" );
	// Define ready state constants.
	var XMLHTTPREQUEST_READY_STATE_UNINITIALIZED = 0;
	var XMLHTTPREQUEST_READY_STATE_LOADING       = 1;
	var XMLHTTPREQUEST_READY_STATE_LOADED        = 2;
	var XMLHTTPREQUEST_READY_STATE_INTERACTIVE   = 3;
	var XMLHTTPREQUEST_READY_STATE_COMPLETED     = 4;
	
	var iRequest_Type = 0; //This will provides the type of the search (Attributes/Operators)
	//-----------------------------------------------------------------------------
	// Returns an XMLHttpRequest object.
	//-----------------------------------------------------------------------------
	function getXMLHttpRequest()
	{
		var httpRequest = null;
		// Create the appropriate HttpRequest object for the browser.
		if (window.XMLHttpRequest != null)
		{	httpRequest = new window.XMLHttpRequest(); }
		else if (window.ActiveXObject != null)
		{
			var success = false;
			for (var i=0;i < XMLHTTPREQUEST_MS_PROGIDS.length && !success;i++)
			{
				try
				{
					httpRequest = new ActiveXObject(XMLHTTPREQUEST_MS_PROGIDS[i]);
					success = true;
					break;
				}
				catch (ex)
				{}
			}
		}
		
		if (httpRequest == null)
		{alert("Error In HttpRequest():\n\nCannot create XMLHttpRequest object.");}
		return httpRequest;
	}
	
	var DataLookup = getXMLHttpRequest();
	
	function initiateDataLookup(sType,iDocumentType)
	{
		DataLookup.abort();
		var url = 'loadDropDown.asp?SearchType=' + sType + '&DocType=' + iDocumentType;
		DataLookup.onreadystatechange = DataReadyStateChange;
		DataLookup.open("GET",url,true);
		DataLookup.send(null);
	}
	
	function DataReadyStateChange()
	{
		switch (DataLookup.readystate)
		{
			case XMLHTTPREQUEST_READY_STATE_UNINITIALIZED:
					statusText = "";
					break;
			case XMLHTTPREQUEST_READY_STATE_LOADING:
					statusText = "Initializing...";
					break;
			case XMLHTTPREQUEST_READY_STATE_LOADED:
					statusText = "Sending Data.."; 		
					break;
			case XMLHTTPREQUEST_READY_STATE_INTERACTIVE:
					statusText = "Downloading Data..";
					break;
			case XMLHTTPREQUEST_READY_STATE_COMPLETED:
					try
					{
						statusText = "Data Downloaded..";
						var data = DataLookup.responseText;
						var sDescription = (data.split(':')[0]);
						var sValue       = (data.split(':')[1]);
			
						if (Trim(sDescription) == "Export Lock")
						{
							if (Trim(sValue) == "-19001")
							{
								dvParent.style.display   = 'none';
								dvMandInfo.style.display = 'none';
								dvExportStatus.style.display = 'block';
								frmExport.HDProcessStatus.value = '1';
							}
						}
						if (Trim(sDescription) == "Export Status")
						{
							if (Trim(sValue) != "0")
							{
								dvParent.style.display   = 'none';
								dvMandInfo.style.display = 'block';
								dvExportStatus.style.display = 'none';
								frmExport.HDProcessStatus.value = '1';
							}
							else
							{
								frmExport.HDProcessStatus.value = '0';
								fncProcessRequest();
							}
						}
						break;
					}
					catch(ex){
						statusText = "Error In Downloading The Data..";
						HDProcessStatus.value = '1';
					}
					break;
			default:
				statusText = "Unknown error..";
				break;
		}
		//alert(statusText)
	}
	
	function fncInitRequest()
	{
		initiateDataLookup(37,1);
		
		return false;
	}
	
	function fncYesClick()
	{
		try{
		frmExport.HDProcessStatus.value = '0';
		}
		catch(e){}
		fncProcessRequest();
		return false;
	}
 
	function fncProcessRequest()
	{
		var processStatus = "";
		try
		{ processStatus = frmExport.HDProcessStatus.value;}
		catch(e)
		{ processStatus = '0';}	
		if (processStatus != '0')
		{
			alert('Error in processing the request...');
		}
		else
		{
			var sActionPage;
			//initiateDataLookup(38,1);
			//alert(sInterface_DomainName + " : " + sUserId);
			sActionPage = "/" + sInterface_DomainName + "/exportThruWebservice.aspx?UserId=" + sUserId;
 
			anchoreInterface.href = sActionPage;
			anchoreInterface.click();
			document.location = "./exportXMLStatus.asp";
		}
		dvParent.style.display       = 'none';
		dvMandInfo.style.display     = 'none';
		dvExportStatus.style.display = 'none';
		return false;
	}
	     
 
		
	function fncNoClick()
	{
		dvParent.style.display   = 'block';
		dvMandInfo.style.display = 'none';
		dvExportStatus.style.display = 'none';
		return false;
	}		
		
	
	   // Removes leading and trailing spaces from the passed String. Also removes
	   // consecutive spaces and replaces item with one space. If something besides
	   // a String is passed in (null, custom Object, etc.) then return the input.
	   function Trim(inputString) {
	   if (typeof inputString != "string") { return inputString; }
	   var retValue = inputString;
	   var ch = retValue.substring(0, 1);
	   while (ch == " ") { // Check for spaces at the beginning of the string
	      retValue = retValue.substring(1, retValue.length);
	      ch = retValue.substring(0, 1);
	   }
	   ch = retValue.substring(retValue.length-1, retValue.length);
	   while (ch == " ") { // Check for spaces at the end of the string
	      retValue = retValue.substring(0, retValue.length-1);
	      ch = retValue.substring(retValue.length-1, retValue.length);
	   }
	   while (retValue.indexOf("  ") != -1) { // Note that there are two spaces in the string - look for multiple spaces within the string
	      retValue = retValue.substring(0, retValue.indexOf("  ")) + retValue.substring(retValue.indexOf("  ")+1, retValue.length); // Again, there are two spaces in each of the strings
	   }
	   return retValue; // Return the trimmed string back to the user
	} // Ends the "trim" function
 
 
 </Script>
 
</HEAD>
<BODY link="#004080" alink="#004080" vlink="#004080" text=Red>
<form name="frmExport" id="frmExport" method="post">
<table width="100%" height="100%">
<tr>
<td class="bodycontent" valign="top">
<a style="display:none;" name="anchoreInterface" id="anchoreInterface"></a>
 
<div id="dvParent">
	<table width=100% border=0 align=center cellpadding="0" cellspacing="0" ID="Table1">
		<tr>
			<td width=100% align=center class="pageheader"><b>Webserivce Export</b></td>
		</tr>
	</table>
 
	<table width=100% border=0 align=center cellpadding="0" cellspacing="0" ID="Table2">
		<tr>
			<td class="tablecontent" width=35%>
				<input type="button" class="cmdButtonsearch1"  value="Export through webservice" Style="Cursor:Hand;" id="btnRequest" name="btnRequest" OnClick="JavaScript: return fncInitRequest();">
			</td>
			<td class="tablecontent" width=75%>
				<input type="button" class="cmdbuttonNormal" value="Cancel" Style="Cursor:Hand;" id="btnCancel" name="btnCancel" OnClick="Javascript: document.location='./menu.asp';">
			</td>
		</tr>
	</table>	
</div>		
 
<div id="dvMandInfo">
	<br><br><br><br><br><br><br><br>
		<table width="400" border="0" align="center" cellpadding="0" cellspacing="0" ID="Table2">
		<tr>
		<td width="10%" align="left"><div align="left"><img src="Images/left.gif" width="44" height="147"></div></td>
		<td width="79%" background="Images/background.gif"><div align="center"><font size="3" face="Arial, Helvetica, sans-serif" color="#ffffff">
		<strong>Records are yet to be audited<br><br>Do you want to Continue(Y/N)?
		</Strong></font></div></td>
		<td width="11%"><img src="Images/right.gif" width="44" height="147"></td>
		</tr>
		<tr>
		<td colspan="3" background="Images/bg1.gif"><div align="center">
		<input type=button class=cmdbutton value="Yes" name=cmdYes id=cmdYes Style="Cursor:Hand" OnClick="Javascript:return fncYesClick();">
		<input type=button class=cmdbutton value="No"  name=cmdNo  id=cmdNo  Style="Cursor:Hand" OnClick="Javascript:return fncNoClick();"></div></td>
		</tr>
		</table>
</div>
 
<div id="dvExportStatus">
	<br><br><br><br><br><br><br><br>
	<div style="font-weight:bolder;" align=center>Export Process is used by some other user..</div>
</div>
</td>
</tr>
</table>
 
<input type="Hidden" id="HDProcessStatus" Name="HDProcessStatus" value="0">
</form>
</BODY>
<script>
		dvParent.style.display   = 'block';
		dvMandInfo.style.display = 'none';
		dvExportStatus.style.display = 'none';
		
</script>		
</HTML>

Open in new window

0
Comment
Question by:Rajasii
2 Comments
 
LVL 9

Accepted Solution

by:
Rodney Helsens earned 2000 total points
ID: 21865903
The way I undertand your issue, this is due to security in both Firefox and IE which prevents cross domain XMLHTTP calls.

There are articles available on how to get around this, I cannot say for certain what works, but here are some example reading

Bypassing XmlHttp Cross Domain Restrictions
http://www.nathanm.com/ajax-bypassing-xmlhttprequest-cross-domain-restriction/

How to make XmlHttp calls to another server in your domain
http://ajaxian.com/archives/how-to-make-xmlhttprequest-calls-to-another-server-in-your-domain

Finally, google search results
http://www.google.com/search?hl=en&safe=active&q=cross-domain+xmlhttp

0
 

Author Closing Comment

by:Rajasii
ID: 31470540
Thanks rodnex: It made me simple.I solved the issue.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword (May 2015) This web page has appeared at Google.  It's definitely worth considering! https://www.google.com/about/careers/students/guide-to-technical-development.html How to Know You are Making a Difference at EE In August, 2013, one …
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
This video teaches users how to migrate an existing Wordpress website to a new domain.
Learn how to set-up custom confirmation messages to users who complete your Wufoo form. Include inputs from fields in your form, webpage redirects, and more with Wufoo’s confirmation options.
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question