Prev: Positioning DIV for Predictive-Test/LOV/Suggest-list
Next: scroll bar of body tag
From: sameergn on 23 Nov 2009 12:57
We have a script at http://localhost:8080/a.html which loads
http://localhost:8081/b.js using script tag. A button defined in
a.html invokes a function from b.js. The function makes AJAX call to
http://localhost:8081/c.html

Firefox 3.5.5 allows the call to c.html. It can be seen in Firebug and
Tamper data plugins. The response code in these plugins is 200. But in
AJAX callback the response code is 0 when readyState becomes 4 and
responseText is blank.

Same behavior in Chrome. IE7 shows "Access is Denied" error. IE8
executes fine and response code is 200 in AJAX callback and
responseText is properly set. All browsers are on Windows XP.

We believe this is not a cross domain issue. b.js is loaded from
localhost:8081 and fetching a resource on same server using AJAX. FF
3.5.5 does not show any error in Error Console, allows the AJAX call
and even gets a 200 response code and content length is also set
properly as seen in Tamper Data. Not sure why it returns 0 as response
code and sets responseText to blank.

Anybody faced similar issue?

Thanks,
Sameer
From: Duncan Booth on 23 Nov 2009 13:16
"sameergn(a)gmail.com" <sameergn(a)gmail.com> wrote:

> We believe this is not a cross domain issue. b.js is loaded from
> localhost:8081 and fetching a resource on same server using AJAX. FF
> 3.5.5 does not show any error in Error Console, allows the AJAX call
> and even gets a 200 response code and content length is also set
> properly as seen in Tamper Data. Not sure why it returns 0 as response
> code and sets responseText to blank.
>
It is a cross domain issue. The calling page is http://localhost:8080 which
is a different domain than http://localhost:8081 (the protocol and port
number both matter here).

It doesn't matter that you loaded the b.js from the same domain as the
page you are trying to access from Javascript: it's the domain of the page
a.html that matters.

If you want to know why Firefox sends the request even though it is cross-
domain read https://developer.mozilla.org/en/HTTP_access_control
From: John G Harris on 23 Nov 2009 15:20
On Mon, 23 Nov 2009 at 09:57:10, in comp.lang.javascript,
sameergn(a)gmail.com wrote:
>We have a script at http://localhost:8080/a.html which loads
>http://localhost:8081/b.js using script tag.
<snip>

It's not a script tag. This is a script tag :
<SCRIPT type="text/javascript">

You meant a script element, something that follows this pattern :
<SCRIPT ...> ... </SCRIPT>

John
--
John Harris
From: sameergn on 23 Nov 2009 15:33
On Nov 23, 12:20 pm, John G Harris <j...(a)nospam.demon.co.uk> wrote:
> On Mon, 23 Nov 2009 at 09:57:10, in comp.lang.javascript,samee...(a)gmail.com wrote:
> >We have a script athttp://localhost:8080/a.htmlwhich loads
> >http://localhost:8081/b.jsusing script tag.
>
>   <snip>
>
> It's not a script tag. This is a script tag :
>   <SCRIPT type="text/javascript">
>
> You meant a script element, something that follows this pattern :
>   <SCRIPT ...>  ...  </SCRIPT>
>
>   John
> --
> John Harris

@John Harris: Yes, We are loading javascript using <SCRIPT type="text/
javascript"> tag.
@Duncan Booth: I am going through the page you forwarded. Will take
some time to do that.

BTW, We thought this scenario is similar to Google Maps API.

Website A sends html to user’s browser. That page loads script from
Google site.
Website A invokes functions from Google API code which in turn makes
AJAX calls to Google site to fetch map images.

It is also similar to old applet model where applet could come from
different domain but it could initiate connections back to only that
domain.
From: Richard Maher on 23 Nov 2009 18:34
<sameergn(a)gmail.com> wrote in message
news:6714b47f-ada2-4156-bb46-21fe6050a885(a)a39g2000pre.googlegroups.com...
> It is also similar to old applet model where applet could come from
> different domain but it could initiate connections back to only that
> domain.

Absolutely nothin' "old" about it! Except in as far as it is now beautifully
augmented by cross-domain policy files a la mode de Flex/Silverlight.
Same-Origin works and works bloody well.

Cheers Richard Maher


 |  Next  |  Last
Pages: 1 2
Prev: Positioning DIV for Predictive-Test/LOV/Suggest-list
Next: scroll bar of body tag