Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New to the CF scene
    Join Date
    Jul 2012
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    SECURITY_ERR: DOM Exception 18

    I have a web page in which the Javascript code does a XMLHttpRequest and it gets the titled error above. This happens with a mobile browser but not on the browser on my iMac. I am accessing the web page using https://sitea.domain and the XMLHttpRequest goes to https://siteb.domain. The error occurs when the open is executed.

    Any ideas?

  • #2
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,216
    Thanks
    75
    Thanked 4,344 Times in 4,310 Posts
    Different security models in the two browsers.

    The one that allows it sees sitea.domain.com as indeed coming from the same domain as siteb.domain.com.

    The one that disallows it is treating them as separate domains.

    And easy answer would be to put a proxy server (maybe written in PHP or ASP or...) on sitea.domain that acts to pull the data from siteb.domain. So that the XMLHTTPRequest would then hit the proxy on sitea.domain.

    As to why the different security models: No idea. As the browser makers.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #3
    New Coder
    Join Date
    Jun 2012
    Posts
    80
    Thanks
    0
    Thanked 18 Times in 18 Posts
    Hi Kenneth Heeres,
    You can't use XMLHttpRequest to access data in different domain but you can import javascript insert, most popular method is JSONP (but not me, I just sent entire code back since I know what I sent back).

  • #4
    Senior Coder rnd me's Avatar
    Join Date
    Jun 2007
    Location
    Urbana
    Posts
    4,302
    Thanks
    10
    Thanked 586 Times in 567 Posts
    if you control both domains then simply add the proper CORS headers to the page(s) you want to fetch with ajax:

    Code:
    Access-Control-Allow-Methods:	GET
    Access-Control-Allow-Origin:  	*
    see https://developer.mozilla.org/en/http_access_control for info
    my site (updated 13/9/26)
    BROWSER STATS [% share] (2014/5/28) IE7:0.1, IE8:5.3, IE11:8.4, IE9:3.2, IE10:3.2, FF:18.2, CH:46, SF:7.9, NON-MOUSE:32%


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •