Solved

How to allow a cross domain page to access (and modify) my form fields?

Posted on 2008-10-21
6
1,045 Views
Last Modified: 2012-06-27
I got two pages:

* A.jsp has an html form named "iForm" with address fields and a popup link to B.jsp

* B.jsp allows the user to select an addressID value and use that value to populate iForm.addressID by doing:

   window.opener.document.forms['iForm'].addressID.value = selectedValueFormPopup;

So far everything's fine and dandy.

However, when A.jsp resides on a different server, I get a security error message:

"permission denied to get property Window.document"

How can I allow B.jsp access to fields on A.jsp?

(I know I can pass JSON messages to A.jsp via its url query string, but that is not the preferred method).

Help much appreciated.
0
Comment
Question by:coniglio14
  • 3
  • 3
6 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22775779
1. use url (you said no)
2. use a javascript residing on server A in page from server B
3. call the server A's pages from server B and present as server B's page


So if you in page A load a javascript from server B, this script can fill in the form:
http://ajaxpatterns.org/On-Demand_Javascript

function ensureUploadScriptIsLoaded() {

   if (self.uploadScript) { // Already exists

     return;

   }

   var head = document.getElementsByTagName("head")[0];

   script = document.createElement('script');

   script.id = 'uploadScript';

   script.type = 'text/javascript';

   script.src = "http://www.serverB.com/formfill.jsp?parameter="+parms;

   head.appendChild(script);

 }

Open in new window

0
 

Author Comment

by:coniglio14
ID: 22776702
Tried your solution number 2:

A.jsp sits on server A and has form "iForm" whose fields are to be populated (A.jsp has not changed).

Now B.jsp (the adress lookup popup residing on server B) calls the "populateClientForm()" function from a javascript file residing on server A:


// in B.jsp
<script src="http://serverA.com/scripts/populate.js"></script>
...
<input type="button" onclick="populateClientForm(adressID)" value="Populate form"/>
...

However I still get the same security error message ("permission denied to get property Window.document").

Am I missing a step here?

Thanks!
C14

(In the mean time I'll attempt your solution number 3)
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22776994
Yes, you missed something or I was not clear

A.jsp on serverA has a form.
B.jsp on serverB has some data
You need A.jsp to contact serverB which has the data - to load a JS file - which can be a jsp setting the header
content-type:text/javascript

This file can then do

document.forms[0].addressId.value='<%=addressId %>'


0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:coniglio14
ID: 22845734
I decided to use the the URL to pass parameters, or more specifically the hash portion of the URL, e.g. "http://serverA/myContext/A.jsp#paramString".

This is what B.jsp (sitting on server B) is doing:

   window.opener.location.hash=myParameters;

Then A.jsp reads and processes those parameters.

This works fine, but only in FireFox, not in IE.

How can I fix this security problem in IE?

Thanks much!

0
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 500 total points
ID: 22848646
0
 

Author Closing Comment

by:coniglio14
ID: 31508526
Thanks a lot!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

The following is a collection of cases for strange behaviour when using advanced techniques in DOS batch files. You should have some basic experience in batch "programming", as I'm assuming some knowledge and not further explain the basics. For some…
Recently I have been answering a lot of questions like this in IT forums that I frequent. The question posed is usually something along the lines of "We have software X installed and need to uninstall it for reason Y" or some other variant of the sa…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now