Home     |     .Net Programming    |     cSharp Home    |     Sql Server Home    |     Javascript / Client Side Development     |     Ajax Programming

Ruby on Rails Development     |     Perl Programming     |     C Programming Language     |     C++ Programming     |     IT Jobs

Python Programming Language     |     Laptop Suggestions?    |     TCL Scripting     |     Fortran Programming     |     Scheme Programming Language


 
 
Cervo Technologies
The Right Source to Outsource

MS Dynamics CRM 3.0

Ajax Programming

localhost and localhost:8081 not same domain


I am getting the open denied error when a CGI generated page with ajax
on it tries to connect to a REST servlet on tomcat on the same machine
in Firefox.

is localhost handled differently for the cross domain limitation?

Ollie

Does the xmlHttpRequest object see localhost/somepath as a different
domain than localhost:8081/someotherpath

IE and FF think different prot as different domain, so it is not
allowed to cross domain for ajax

On 2?3?, ??9?29?, "MikeOliverAZ" <o@alariussystems.com> wrote:

I've solved this by adding a proxy in my apache definition so that
ajax thinks it is staying on the same domain.

-----------------------------------------------Reply-----------------------------------------------
Yes I came to that conclusion.  I think it is taking security too
far.  Interpretting a term like "Domain" to be other than everywhere
else and forcing proxy to get around it, isn't making things safer as
improper proxy settings are far worse.  So if anyone leading the
charge on AJAX and xmlHttpRequest should get a clue and not make
things more complex which makes things more vulnerable.

Ollie

On Feb 6, 6:31 pm, "Jade King" <heroshao@gmail.com> wrote:

Yes, I use the Apache proxy_module ProxyPass as that's the safest way.

But in my opinion I started above, the definition of "Domain" being
abrogated by whomever makes these decisions to include the Port is not
doing anyone a service.  someserver.somedomain.com is in the same
domain as anotherserver.somedomain.com:8081 and should be treated that
way  DNS doesn't include port so there is little security risk if the
port is different in a URL, but requirement for a proxy has
significant security risk.

On Feb 7, 4:27 am, "Ivan" <eulaersi@yahoo.com> wrote:

Add to del.icio.us | Digg this | Stumble it | Powered by Megasolutions Inc