Solved

How to allow a cross domain page to access (and modify) my form fields?

Posted on 2008-10-21
6
1,047 Views
Last Modified: 2012-06-27
I got two pages:

* A.jsp has an html form named "iForm" with address fields and a popup link to B.jsp

* B.jsp allows the user to select an addressID value and use that value to populate iForm.addressID by doing:

   window.opener.document.forms['iForm'].addressID.value = selectedValueFormPopup;

So far everything's fine and dandy.

However, when A.jsp resides on a different server, I get a security error message:

"permission denied to get property Window.document"

How can I allow B.jsp access to fields on A.jsp?

(I know I can pass JSON messages to A.jsp via its url query string, but that is not the preferred method).

Help much appreciated.
0
Comment
Question by:coniglio14
  • 3
  • 3
6 Comments
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22775779
1. use url (you said no)
2. use a javascript residing on server A in page from server B
3. call the server A's pages from server B and present as server B's page


So if you in page A load a javascript from server B, this script can fill in the form:
http://ajaxpatterns.org/On-Demand_Javascript

function ensureUploadScriptIsLoaded() {

   if (self.uploadScript) { // Already exists

     return;

   }

   var head = document.getElementsByTagName("head")[0];

   script = document.createElement('script');

   script.id = 'uploadScript';

   script.type = 'text/javascript';

   script.src = "http://www.serverB.com/formfill.jsp?parameter="+parms;

   head.appendChild(script);

 }

Open in new window

0
 

Author Comment

by:coniglio14
ID: 22776702
Tried your solution number 2:

A.jsp sits on server A and has form "iForm" whose fields are to be populated (A.jsp has not changed).

Now B.jsp (the adress lookup popup residing on server B) calls the "populateClientForm()" function from a javascript file residing on server A:


// in B.jsp
<script src="http://serverA.com/scripts/populate.js"></script>
...
<input type="button" onclick="populateClientForm(adressID)" value="Populate form"/>
...

However I still get the same security error message ("permission denied to get property Window.document").

Am I missing a step here?

Thanks!
C14

(In the mean time I'll attempt your solution number 3)
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 22776994
Yes, you missed something or I was not clear

A.jsp on serverA has a form.
B.jsp on serverB has some data
You need A.jsp to contact serverB which has the data - to load a JS file - which can be a jsp setting the header
content-type:text/javascript

This file can then do

document.forms[0].addressId.value='<%=addressId %>'


0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 

Author Comment

by:coniglio14
ID: 22845734
I decided to use the the URL to pass parameters, or more specifically the hash portion of the URL, e.g. "http://serverA/myContext/A.jsp#paramString".

This is what B.jsp (sitting on server B) is doing:

   window.opener.location.hash=myParameters;

Then A.jsp reads and processes those parameters.

This works fine, but only in FireFox, not in IE.

How can I fix this security problem in IE?

Thanks much!

0
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 500 total points
ID: 22848646
0
 

Author Closing Comment

by:coniglio14
ID: 31508526
Thanks a lot!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
i want to read the contents of the file to Csv 13 53
Input past end of file vbs script 9 81
Need sample Angular apps for study 4 71
Control Number of Log Files -Perl 7 55
Ever wondered how to display how many visitors you have online. In this tutorial I will show you an easy but effective way to display the number of online visitors in WhizBase. In this article I assume you have read my previous articles and know …
If you get a (Blue Screen of Death), your system writes a small file called a minidump. Your first step is to make certain your computer is setup to record memory dumps. Right click My Computer, choose properties. Click on the advanced tab, an…
Learn the basics of modules and packages in Python. Every Python file is a module, ending in the suffix: .py: Modules are a collection of functions and variables.: Packages are a collection of modules.: Module functions and variables are accessed us…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now