?
Solved

Java script acces denied.

Posted on 2009-06-27
6
Medium Priority
?
208 Views
Last Modified: 2012-06-27
Hello experts.
The final idea is to give my users the hability to place some content from my site on their. by providing the html (For example: "Put this survey in your site, just copy and paste this code in your page").

Every yhing is fine if the page where the code is placed is on the same domain, but i get acces denied when i place the code on a page in a diferent domain.

At the momento the code i would provide would be exactly as appears below, (Of course it is subject to change as the development advances).

The file script/ppublthirdparty.js works fine in other conditions (same domain)
the function PlspubSendDataGetContent takes three params.
1 a querystring, 2, The element to change, note "33" the same as the div id, 3 the page where the request should be made.
What it does is to send the query string in the first parameter (Post method) to the page in the third parameter, and then change the innerHTML indicated in the second parameter with the result returned from the post rquest. (Using the request object as described in any AJAX tutorial).
One thing I should mention is that some where in the function i try to get the window.location
I did not use iframe for the simple reason that I cant tell the survey height i developing time.
Note that the content contains more calls to the same jscript function.
Not using https.

Can anyone tell me how to succesfully provide content to third parties? Any solution please.

Thanks in advance.






<script type="text/javascript" src="http://test.pulsopublico.com/script/ppublthirdparty.js"></script>
<div id="33">
</div>
<script type="text/javascript">
PlspubSendDataGetContent ('rq=gtsrv&srvid=000917828838604&wdth=280','33','http://test.pulsopublico.com/surveys.aspx');
</script>

Open in new window

0
Comment
Question by:Marsc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 3

Accepted Solution

by:
dlastlee earned 500 total points
ID: 24730058
There is no solution via Javascript for security reasons:
http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/Q_23363901.html
Although, I've heard that something may be in the works for IE and/or FF in the future.

I don't think there is a simple plug/play type solution for your client. The best solution I worked with is to provide a webservice on your end, then have the client produce a webservice or page with the same data, then have your script pull from that location. So in some sense, using their backend server as a proxy.
0
 
LVL 41

Assisted Solution

by:HonorGod
HonorGod earned 500 total points
ID: 24731220
You would need to have a server site application that would be allowed to connect to another domain, and use Ajax to make the request.

Server side applications don't have the same limitations/restrictions as do client side JavaScript.
0
 
LVL 1

Author Comment

by:Marsc
ID: 24871320
Hi everyone. I am sorry for disapearing this time.
I really didn't find the solution on this.
I can't give a bloger a serverside script, thats not acceptable.
The implemented solution was finally the use of an iframe, and normal form post. That worked well, I would prefer an ajax solution, but it is not possible it seems.

I would delete this question if noone have objections.

0
 
LVL 41

Expert Comment

by:HonorGod
ID: 24871707

See the help:
http://www.experts-exchange.com/help.jsp

Under "Asking questions"

Specifically: The correct answer to some questions is "You can't do that."

0
 
LVL 16

Expert Comment

by:CWS (haripriya)
ID: 37296663
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Interactive Way of Training for the AWS CSA Exam

An interactive way of learning that will help you visualize core concepts so that you can be more effective when taking your AWS certification exam.  Built for students by a student to help them understand the concepts that they are being taught.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
The viewer will learn how to count occurrences of each item in an array.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question