Amarnath Purohit

Navigation

Skip navigation.

Search

Site navigation

Email conversation

FromAmarnath Purohit
ToMe
SubjectI have a question,can you help
Date18 October 2004 15:19
Hi
you have a great site and it has all the information available.I need help
in solving a problem.
I am having top frame which is in https(which is secure).
Now the frame within it is not secure ,so when i open a window in non
secure layer.it communicate to the top frame and gives Javascript error
'Permission denied' error.
 
I am using window.open().. to open the new window in the function ..than i
am adding the reference of the top window,where it is giving the error
message .So the function is 
 
var wn = window.open();
top.addWindowRef(wn);
 
top.addWindowRef(wn) ..is giving the problem.
 
any help is appreciated.
Thanks
Amar
FromMe
ToAmarnath Purohit
SubjectRe: I have a question,can you help
Date18 October 2004 17:11
Amar,

Correct. There is nothing that you can do to avoid this. HTTP and HTTPS are
considered to be in different domains, even if they use the same domain
name. Attempting to communicate from one to the other is a security
violation. Browsers will not allow you to do it. Either all pages must be
HTTP or all must be HTTPS.


Mark 'Tarquin' Wilton-Jones - author of http://www.howtocreate.co.uk/
FromAmarnath Purohit
ToMe
SubjectRe: I have a question,can you help
Date18 October 2004 19:22
Hi Mark
I understand that,but there should be some work around to resolve to hide
this kind of javascript error.
Thanks
Amar
FromMe
ToAmarnath Purohit
SubjectRe: avoiding errors in frames
Date19 October 2004 8:29
//for all browsers - this will simply hide any error messages
//the script will still stop running
window.onerror = function () { return true; }

//for all other browsers (produces errors in Netscape 4 and IE 4,
//but they will be protected by the line above) - this allows the
//script to continue running after the error
try {
 top.addWindowRef(wn);
} catch(e) {}

I have documented this control structure in my JavaScript tutorial
FromAmarnath Purohit
ToMe
SubjectRe: avoiding errors in frames
Date19 October 2004 15:36
Hi Mark
Thank you so much for the detail information.I just wanted to add something
to my original comment.actually my domain is not changed ,when i am opening
the new window,so i am in the same domain.
Can you do something like.
document.domain='something'.
so do you think ,this will give me some advantage.
Thanks
Amar
FromMe
ToAmarnath Purohit
SubjectRe: avoiding errors in frames
Date19 October 2004 15:42
> document.domain='something'.

no, this worked in IE, but is a security hole that they have fixed.

The domains _are_ different if one is HTTP and one is HTTPS. Even if the
domain name is the same, HTTP != HTTPS, and the browser treats these as
being different domains.
This site was created by Mark "Tarquin" Wilton-Jones.
Don't click this link unless you want to be banned from our site.