...

View Full Version : Security question with XmlHttp



CompiledMonkey
06-02-2005, 10:58 PM
I'm developing a somewhat complex application that uses XmlHttpRequest and I've noticed a security warning when moving the application into a testing environment. When the application is on my local system, I don't get the message. However, once I move the "backend" piece to the dedicated server and try to run the client from my machine, I get a generic question from IE:

"This page is accessing information that is not under its control. This poses a security risk. Do you want to continue?"

I understand why I'm getting the question, but I'm wondering if there is anyway I can get around it. I don't want to freak out my users because I'm accessing data on a different machine in my domain through JavaScript. Thanks in advance.

SpirtOfGrandeur
06-03-2005, 12:35 AM
If you are accessing a different machine this is the error. There is no way around it. It only doesnt display the error if you are running it from the same machine as the host. By the specs IE is not even suppoed to allow this action. But it does with a flimsy warning!

jkd
06-03-2005, 01:27 AM
If this is an IE-only application (do note that Opera 8, Safari, and Mozilla all support XMLHttpRequest), then try saving the file as .hta instead of .html.

CompiledMonkey
06-03-2005, 05:01 AM
If this is an IE-only application (do note that Opera 8, Safari, and Mozilla all support XMLHttpRequest), then try saving the file as .hta instead of .html.

Yeah, because of VML, it's an IE only application. We're looking into SVG but the plugin aspect kinda sucks. Will try your suggestion tomorrow. Thanks.

jkd
06-03-2005, 05:24 AM
Opera 8 and Firefox 1.1 both offer native SVG support, via XML namespaces.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum