PDA

View Full Version : Access denied.



madkidd
10-19-2006, 07:10 PM
Hello,

This code runs fine on my machine but a friend of mine said he is getting an "access denied" error. Any ideas?



// get XMLHttpRequest object
objhttp=getXMLHTTPObject();

// open socket connection
objhttp.open("POST","https://secure.click2callu.com/tpcc/makecall",true);

// set http header
objhttp.setRequestHeader(header.split(':')[0],header.split(':')[1]);

// set number from form
number = document.getElementById('txtNum');

// send data
objhttp.send("username="+varUsername+"&password="+varPassword+"&fromnumber=1"+varFromNumber+"&tonumber=1"+number.value);


(The error is being throw by the objhttp.open line.) Below is the getXMLHTTPObject function.



// function getXMLHTTPObject
function getXMLHTTPObject(){
//instantiate new XMLHttpRequest object
var objhttp=(window.XMLHttpRequest)?new XMLHttpRequest():new ActiveXObject('Microsoft.XMLHTTP');

if(!objhttp){return};

// assign event handler
// objhttp.onreadystatechange=displayStatus;

// return XMLHttpRequest object
return objhttp;
}

blm126
10-20-2006, 01:18 AM
XMLHttpRequest is only allowed to access the domain the current page is on. If you have to access another domain then you must use a serverside script to act as a middle man.

madkidd
10-20-2006, 01:23 AM
XMLHttpRequest is only allowed to access the domain the current page is on. If you have to access another domain then you must use a serverside script to act as a middle man.

It works fine from my machine? If that is the case why would it work fine from my machine and then not work on another machine?

djr33
10-20-2006, 02:31 AM
Link us.

Is your computer also the server? That's how.

If not... I'm not sure. You likely have an error in your code, or something. Are you using the same OS? Browser? Etc.?




EDIT: There is one more complex reason I can think of.
I am not sure if this is true with AJAX/XMLrequest, but with cookies, www.domain.com and domain.com are actually different domains.

If you are looking at http://dynamicdrive.com/forums/... right now, try making that http://www.dynamicdrive.com/forums/....
You will be logged out. Strange. But remove the www. and you're suddenly logged in again.

Due to this, if your friend is viewing www.yoursite.com/ajaxpage.htm, and it calls "http://yoursite.com/anotherpage.php" then the www. and plain domain won't be the same domain, technically.
Ask your friend if that is the case (if there is a www.) and test both ways yourself.

This may not be the problem (and might not even be true for ajax, but I think it would act the same way as cookies).

If both www.domain.com and domain.com (when viewing your page) work with the ajax for you, then this isn't the problem.

madkidd
10-20-2006, 02:57 PM
No, my machine is not the server. Actually, this script isn't being executed on a website. Both users are running Windows Vista build 5600 and IE7. It's actually for a Sidebar Gadget but the error comes when just the HTML file is executed locally in IE7. I can run it locally on my machine with IE7 and not get the error :confused: .

I'm not a JavaScript guru so I'm having trouble understanding why it would execute fine on my end and have an access denied on their end. Would there be some kind of local JavaScript setting in Windows that would allow or not allow the XMLHttp Post? Would this have any effect if I changed it to a GET?

Twey
10-20-2006, 03:16 PM
Would there be some kind of local JavaScript setting in Windows that would allow or not allow the XMLHttp Post?This would be a logical and sensible safety device. So, probably not. :p In seriousness, though, it's quite possible. Have a look and see.