Solved

How to allow a cross domain page to access (and modify) my form fields?

Posted on 2008-10-21
6
1,048 Views
Last Modified: 2012-06-27
I got two pages:

* A.jsp has an html form named "iForm" with address fields and a popup link to B.jsp

* B.jsp allows the user to select an addressID value and use that value to populate iForm.addressID by doing:

   window.opener.document.forms['iForm'].addressID.value = selectedValueFormPopup;

So far everything's fine and dandy.

However, when A.jsp resides on a different server, I get a security error message:

"permission denied to get property Window.document"

How can I allow B.jsp access to fields on A.jsp?

(I know I can pass JSON messages to A.jsp via its url query string, but that is not the preferred method).

Help much appreciated.
0
Comment
Question by:coniglio14
  • 3
  • 3
6 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22775779
1. use url (you said no)
2. use a javascript residing on server A in page from server B
3. call the server A's pages from server B and present as server B's page


So if you in page A load a javascript from server B, this script can fill in the form:
http://ajaxpatterns.org/On-Demand_Javascript

function ensureUploadScriptIsLoaded() {
   if (self.uploadScript) { // Already exists
     return;
   }
   var head = document.getElementsByTagName("head")[0];
   script = document.createElement('script');
   script.id = 'uploadScript';
   script.type = 'text/javascript';
   script.src = "http://www.serverB.com/formfill.jsp?parameter="+parms;
   head.appendChild(script);
 }

Open in new window

0
 

Author Comment

by:coniglio14
ID: 22776702
Tried your solution number 2:

A.jsp sits on server A and has form "iForm" whose fields are to be populated (A.jsp has not changed).

Now B.jsp (the adress lookup popup residing on server B) calls the "populateClientForm()" function from a javascript file residing on server A:


// in B.jsp
<script src="http://serverA.com/scripts/populate.js"></script>
...
<input type="button" onclick="populateClientForm(adressID)" value="Populate form"/>
...

However I still get the same security error message ("permission denied to get property Window.document").

Am I missing a step here?

Thanks!
C14

(In the mean time I'll attempt your solution number 3)
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22776994
Yes, you missed something or I was not clear

A.jsp on serverA has a form.
B.jsp on serverB has some data
You need A.jsp to contact serverB which has the data - to load a JS file - which can be a jsp setting the header
content-type:text/javascript

This file can then do

document.forms[0].addressId.value='<%=addressId %>'


0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 

Author Comment

by:coniglio14
ID: 22845734
I decided to use the the URL to pass parameters, or more specifically the hash portion of the URL, e.g. "http://serverA/myContext/A.jsp#paramString".

This is what B.jsp (sitting on server B) is doing:

   window.opener.location.hash=myParameters;

Then A.jsp reads and processes those parameters.

This works fine, but only in FireFox, not in IE.

How can I fix this security problem in IE?

Thanks much!

0
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 500 total points
ID: 22848646
0
 

Author Closing Comment

by:coniglio14
ID: 31508526
Thanks a lot!
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Edit Registry Key via Batch File 8 63
How to count json data 2 78
Windows Script Host failed (Access is denied.) error 6 147
Need some help with powershell script 5 49
Ever wondered how to display how many visitors you have online. In this tutorial I will show you an easy but effective way to display the number of online visitors in WhizBase. In this article I assume you have read my previous articles and know …
Active Directory replication delay is the cause to many problems.  Here is a super easy script to force Active Directory replication to all sites with by using an elevated PowerShell command prompt, and a tool to verify your changes.
Learn the basics of strings in Python: declaration, operations, indices, and slicing. Strings are declared with quotations; for example: s = "string": Strings are immutable.: Strings may be concatenated or multiplied using the addition and multiplic…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question