preventing Access/Permission Denied errors

Discussion in 'Javascript' started by Nick, May 7, 2004.

  1. Nick

    Nick Guest

    OK Guys and Gals,

    I've got a script that does some work with the document object in
    another frame.

    This works fine until the other frame contains a document on another
    domain. This of course produces a permission error.

    I don't actually want to do anything with the document if the page is
    on a different domain BUT I do want to detect this situation before it
    occurs, and then allow my script to terminate peacefully instead of
    producing an error.

    How can I do this?

    I suppose I could use IE's try and catch, but that means I'll still
    have problems on other browsers.

    All suggestions gratefully received.

    Cheers

    N
     
    Nick, May 7, 2004
    #1
    1. Advertising

  2. Nick

    Ron Guest

    Nick wrote:

    >[snip]
    >
    >I suppose I could use IE's try and catch, but that means I'll still
    >have problems on other browsers.
    >
    >

    try{...} catch{...} isn't IE, it's ECMAScript 3
    <http://www.ecma-international.org/publications/standards/Stnindex.htm>,
    which Javascript 1.5 is an implementation of. I've used try{...}
    catch{...} on Mozilla and Firefox with no problems.
     
    Ron, May 7, 2004
    #2
    1. Advertising

  3. Nick wrote:
    <snip>
    > I don't actually want to do anything with the document if the page is
    > on a different domain BUT I do want to detect this situation before it
    > occurs, and then allow my script to terminate peacefully instead of
    > producing an error.
    >
    > How can I do this?
    >
    > I suppose I could use IE's try and catch, but that means I'll still
    > have problems on other browsers.

    <snip>

    They aren't IE's try-catch, they are specified in ECMA 262 3rd edition,
    and implemented in JavaScript 1.4+, but they do represent a syntax error
    in all earlier versions so are generally best avoided in cross-browser
    scripting (at least for another couple of years).

    You cannot determine that a document in the other frame is from a
    different domain because of the security restrictions, as you have
    discovered. But you don't really need to as all you actually need to
    know is whether the page in the other frame is from your domain, and
    thus safe to interact with. Your own pages are in a position to report
    their presence to the frameset.

    So, for example, you could have each of your own pages set a variable in
    the frameset to true from it's onload event, and then re-set that
    variable to false in its onunload event. You would then know that it was
    safe to interact with the other frame whenever the variable was set to
    true and unsafe whenever it was false.

    Richard.
     
    Richard Cornford, May 7, 2004
    #3
  4. Nick

    Cindy Lee Guest

    How can I add a safe domain? I get an access error when doing this
    document.all("dynamicFrame"); //my iframe



    function iframeResize() {
    var oBody = dynamicFrame.document.body;
    var oFrame = document.all("dynamicFrame");
    oFrame.style.height = oBody.scrollHeight
    +oBody.offsetHeight-oBody.clientHeight;

    //This is the alert call that miraculously makes this function
    alert(caller +" oFrame.style.height = " +oFrame.style.height);
    }

    //Description:Initializes the page by creating the scroll objects
    //setting browser specific information
    function InitializePage(){
    //d_bw.ns4||d_bw.ns5?"":iframeResize();
    setTimeout("iframeResize()",2000);
    //iframeResize();
    }


    <IFRAME APPLICATION="yes" style="width:100%;" ID="dynamicFrame"
    NAME="dynamicFrame" frameborder="no" scrolling="no"
    SRC="https://mydomain.com/page.jsp"> Sorry, you need inline frames to fully
    see this page. </IFRAME>





    "Richard Cornford" <> wrote in message
    news:c7grmj$nos$1$...
    > Nick wrote:
    > <snip>
    > > I don't actually want to do anything with the document if the page is
    > > on a different domain BUT I do want to detect this situation before it
    > > occurs, and then allow my script to terminate peacefully instead of
    > > producing an error.
    > >
    > > How can I do this?
    > >
    > > I suppose I could use IE's try and catch, but that means I'll still
    > > have problems on other browsers.

    > <snip>
    >
    > They aren't IE's try-catch, they are specified in ECMA 262 3rd edition,
    > and implemented in JavaScript 1.4+, but they do represent a syntax error
    > in all earlier versions so are generally best avoided in cross-browser
    > scripting (at least for another couple of years).
    >
    > You cannot determine that a document in the other frame is from a
    > different domain because of the security restrictions, as you have
    > discovered. But you don't really need to as all you actually need to
    > know is whether the page in the other frame is from your domain, and
    > thus safe to interact with. Your own pages are in a position to report
    > their presence to the frameset.
    >
    > So, for example, you could have each of your own pages set a variable in
    > the frameset to true from it's onload event, and then re-set that
    > variable to false in its onunload event. You would then know that it was
    > safe to interact with the other frame whenever the variable was set to
    > true and unsafe whenever it was false.
    >
    > Richard.
    >
    >
     
    Cindy Lee, May 7, 2004
    #4
  5. Cindy Lee wrote:
    > How can I add a safe domain?


    Questions of that quality are likely to receive fatuous answers. What on
    earth are you talking about?

    > I get an access error when doing this
    > document.all("dynamicFrame"); //my iframe

    <snip>

    Yes, that is a statement that is likely to produce an error of one sort
    or another in most browsers.

    Richard.
     
    Richard Cornford, May 7, 2004
    #5
  6. Nick

    Nick Guest

    "Richard Cornford" <> wrote in message news:<c7grmj$nos$1$>...

    <snip>
    >
    > They aren't IE's try-catch, they are specified in ECMA 262 3rd edition,
    > and implemented in JavaScript 1.4+, but they do represent a syntax error
    > in all earlier versions so are generally best avoided in cross-browser
    > scripting (at least for another couple of years).


    Hmmm... I share your concerns about cross browser scripting, even if
    try...catch is available on other browsers. The kind of people my
    application is written for may well have older browsers with older
    versions of js.


    > So, for example, you could have each of your own pages set a variable in
    > the frameset to true from it's onload event, and then re-set that
    > variable to false in its onunload event. You would then know that it was
    > safe to interact with the other frame whenever the variable was set to
    > true and unsafe whenever it was false.


    Richard, this is an excellent suggestion. Unfortunately I cannot add
    any js to the pages on the domain I am working on! The script I was
    talking about runs on a page which acts as a kind of "client
    statistics utility" for a customer's web site. I can't then ask my
    customers to alter all of their pages (either by adding some code or
    src-ing a js file). It's just not viable.

    I appreciate the suggestion though, and if you or any others can think
    of a viable alternative to try...catch that would be great. Otherwise,
    looks like I've got to do some js version detection, and have to
    prevent users with js 1.4 downwards from using my utility. Bummer.

    Cheers for your continuing help! ;)

    N
     
    Nick, May 9, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Nathan
    Replies:
    1
    Views:
    4,788
    Frances Valdes
    May 5, 2004
  2. Tina

    File access Permission Denied

    Tina, Mar 16, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    10,074
    Winista
    Mar 16, 2006
  3. Russell Warren
    Replies:
    4
    Views:
    705
    Russell Warren
    Jul 27, 2006
  4. Antoine De Groote

    shutil: permission denied errors on windows

    Antoine De Groote, Nov 6, 2006, in forum: Python
    Replies:
    6
    Views:
    1,766
    Antoine De Groote
    Nov 7, 2006
  5. Replies:
    0
    Views:
    190
Loading...

Share This Page