homepage Welcome to WebmasterWorld Guest from 50.19.172.0
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
Forum Library, Charter, Moderator: open

JavaScript and AJAX Forum

    
Javascript - can't access pages from other domains?
jgaffney

10+ Year Member



 
Msg#: 433 posted 3:56 am on Jun 5, 2003 (gmt 0)

It looks like both Javascript and Java are prevented from accessing document data in other frames/windows if the URL is from a different domain than the script/applet.

Is this a hard and fast security limitation?

Could a "trusted" Java applet get around this?

My hope was to create a script/applet that would retrieve a list of pages and submit their contents to an .asp script, which would then analyze all and return report.

Or maybe this calls for a "real" application...

 

tedster

WebmasterWorld Senior Member tedster us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 433 posted 6:28 pm on Jun 6, 2003 (gmt 0)

The default security in JavaScript is even more restrictive than "same domain". It's known as the Same Origin policy. It says that a script can only read properties of windows and documents that were loaded:

1. from the same host
2. through the same port
3. by the same protocol

Reference: Mozilla.org [mozilla.org]

There is one happy exception - you can bypass the limitation for subdomains of the same domain, such as sub1.domain.com and sub2.domain.com. You do this by reassigning document.domain to the short version, e.g. document.domain="domain.com". This allows windows from the root domain to interact with windows in different subdomains.

You're correct that a "trusted script" can have more freedom - I've never written a signed script and I've only ever read about it (here's one solid reference: Netscape DevEdge [developer.netscape.com].) I understand it can be a bit unwieldy in many situations. Given that, a "real" app just may be the way to go.

That's not a definitive answer, I know. Hope the references will help you make a good decision for your situation.

[edited by: tedster at 12:42 am (utc) on June 7, 2003]

jgaffney

10+ Year Member



 
Msg#: 433 posted 9:58 pm on Jun 6, 2003 (gmt 0)

Exactly what I needed. Thanks!

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / JavaScript and AJAX
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved