本文探讨了在Internet Explorer 6中遇到的Access is Denied JavaScript错误现象,详细分析了错误产生的原因,包括跨域限制及窗口操作限制等,并提供了相应的解决方法。
Today I encountered a javascript error: "Access is Denied" in IE6.0.
This module I run allows the user to download a excel file which contains some table concerned in DB and their all fields, also allows to set a alias for each field, and upload the file contains these aliases.
At first, the browser was navigated to the select table page, there're two buttons('Download Table Template' and 'Upload Defined Alias' button) and a list which contains all tables. These two operations use one form and change it's action attribute with javascript.
Select one table and Click the 'Download Table Template' button, The save dialog will be shown, if this operation was canceled there will be no javascript error and can do any other operation. But the file was saved, the other operation and download operation will be stopped because of the javascript error "Access is Denied"(the line number shows cannot access the form).
The same operation was done in IE7.0 and firefox2.0, no javascript found. WHY? Could somebody help me?
Below is a FAQ found in 'http://www.dannyg.com/ref/jsminifaq.html'.
Q. What does the IE "Access is Denied" error mean?
A. The "Access Denied" error in any browser usually means that a script in one window or frame is trying to access another window or frame whose document's domain is different from the document containing the script. What can seem odd about this is that you get this error in IE for Windows frequently when a script in one window generates a new window (with window.open()), and content for that other window is dynamically created from the same script doing the opening. The focus() method also triggers the error.
The error can also occur if scripts try to access objects, properties, or methods that have been locked down by Microsoft's security platoon. For instance, the document.styleSheets.rules property used to be accessible in IE 5 and IE 5.5, but is not in IE 6.
For the new window problem, there is a bit of history associated with the problem and workarounds. For example, the problem occurs frequently when the scripts are being run from the local hard disk. You get a clue about the situation in the titlebar of the new window: It forces an about:blank URL to the new window, which is a protocol:domain that differs from wherever your main window's script comes from. If, however, you put the same main window document on a server, and access it via http:, the problem goes away.
There is a workaround for the local-only problem: In the first parameter of the window.open() method call, load a real document (even if it is a content-free HTML document) into the sub-window before using document.write() to generate content for the subwindow. The loading action 'legitimizes' the window as coming from the same domain as your main window's document.
(This solution does not affect scripts that load a page from a secure server into a separate window or frame. An http: protocol in one window and https: in the other--even if from the same server.domain--yield a security mismatch and "Access Denied." Setting the document.domain properties of both pages may solve the problem (but I am unable to test it for sure).)
For other situations (such as the document.styleSheets.cssRules problem, there are no workarounds, so you'll have to find another way around your task.
One more source of this error in IE occurs if you assign a too-long search string to a URL or a form (using the GET method) has lots of elements and data. The HTTP GET method has a built-in limit of approximately 512 characters. If you run into the problem, change the method to POST, which has no data length limit. But POST won't reflect the search string in the URL of the replacement page (in case you're expecting to parse that data as a way to convey data from one page to the next).
This module I run allows the user to download a excel file which contains some table concerned in DB and their all fields, also allows to set a alias for each field, and upload the file contains these aliases.
At first, the browser was navigated to the select table page, there're two buttons('Download Table Template' and 'Upload Defined Alias' button) and a list which contains all tables. These two operations use one form and change it's action attribute with javascript.
Select one table and Click the 'Download Table Template' button, The save dialog will be shown, if this operation was canceled there will be no javascript error and can do any other operation. But the file was saved, the other operation and download operation will be stopped because of the javascript error "Access is Denied"(the line number shows cannot access the form).
The same operation was done in IE7.0 and firefox2.0, no javascript found. WHY? Could somebody help me?
Below is a FAQ found in 'http://www.dannyg.com/ref/jsminifaq.html'.
Q. What does the IE "Access is Denied" error mean?
A. The "Access Denied" error in any browser usually means that a script in one window or frame is trying to access another window or frame whose document's domain is different from the document containing the script. What can seem odd about this is that you get this error in IE for Windows frequently when a script in one window generates a new window (with window.open()), and content for that other window is dynamically created from the same script doing the opening. The focus() method also triggers the error.
The error can also occur if scripts try to access objects, properties, or methods that have been locked down by Microsoft's security platoon. For instance, the document.styleSheets.rules property used to be accessible in IE 5 and IE 5.5, but is not in IE 6.
For the new window problem, there is a bit of history associated with the problem and workarounds. For example, the problem occurs frequently when the scripts are being run from the local hard disk. You get a clue about the situation in the titlebar of the new window: It forces an about:blank URL to the new window, which is a protocol:domain that differs from wherever your main window's script comes from. If, however, you put the same main window document on a server, and access it via http:, the problem goes away.
There is a workaround for the local-only problem: In the first parameter of the window.open() method call, load a real document (even if it is a content-free HTML document) into the sub-window before using document.write() to generate content for the subwindow. The loading action 'legitimizes' the window as coming from the same domain as your main window's document.
(This solution does not affect scripts that load a page from a secure server into a separate window or frame. An http: protocol in one window and https: in the other--even if from the same server.domain--yield a security mismatch and "Access Denied." Setting the document.domain properties of both pages may solve the problem (but I am unable to test it for sure).)
For other situations (such as the document.styleSheets.cssRules problem, there are no workarounds, so you'll have to find another way around your task.
One more source of this error in IE occurs if you assign a too-long search string to a URL or a form (using the GET method) has lots of elements and data. The HTTP GET method has a built-in limit of approximately 512 characters. If you run into the problem, change the method to POST, which has no data length limit. But POST won't reflect the search string in the URL of the replacement page (in case you're expecting to parse that data as a way to convey data from one page to the next).
扫一扫
2067
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
