Loading ...
Sorry, an error occurred while loading the content.

Re: Login Dialog from http page to https page generates "Permission denied error

Expand Messages
  • Rusty Spoon
    Yes. Thank you for the idea about using a panel and using the iframe. I like that idea. But it requires quite a bit of rewrite. I am avoiding that because it
    Message 1 of 5 , Oct 30, 2007
    • 0 Attachment
      Yes. Thank you for the idea about using a panel and using the iframe.
      I like that idea. But it requires quite a bit of rewrite. I am
      avoiding that because it looks really painful to change right now.
      There are many things that are interdependent on this and I do not
      want to yank it out until I know that is the only way to proceed.

      If I could just force the Connection manager to use the iframe the
      problem would be solved. I did this by adding
      enctype="multipart/form-data" and a hidden file upload field to the
      form. Following this I was able to get the form to post properly to
      the server.

      var handleSubmit = function() {

      YAHOO.util.Connect.setForm("loginDialogForm",true,true);
      YAHOO.util.Connect.asyncRequest("post", "Login", callbacks);

      //this.submit(); // override this so I can control connection mgr

      }


      Unfortunately I was not able to retrieve a response.

      callbacks = {
      upload: function(o) {
      alert(o.responseText); // responseText is undefined
      }
      }

      I have successfully used this in other projects following the
      description of usage at
      http://developer.yahoo.com/yui/connection/#upload. According to this
      description o.responseText should contain the content of the body of
      the iframe response. Unfortunately responseText comes back as
      undefined. However, when I refresh the page, the user is logged in. So
      the login process worked. This is good news. But I need the
      responseText to know if it failed or not. Apparently the browser is
      still blocking access to the response. Strange since it lets me send
      out a request.

      I am now toying with having the response page contain Javascript that
      contacts its parent (parent.someFunctionCall("arg")). If I cannot
      reach into the iframes response that is fine. Maybe I can reach out
      from the child.

      So this is working in IE. But firefox appears to not like the iframe
      to talk to its parent. Strange since IE accepts it without a problem.

      And a note on this, using a Panel with an iframe would cause this same
      problem. Firefox would not allow a SSL child frame to talk to a
      non-SSL parent. Here is the error I get:

      uncaught exception: Permission denied to get property Window.loginAfter

      =================================================================

      --- In ydn-javascript@yahoogroups.com, "tssha" <tsha@...> wrote:
      >
      > --- In ydn-javascript@yahoogroups.com, "Rusty Spoon" <skingdon@> wrote:
      > >
      > > Right. Thank you for that. I think you have just restated my problem.
      > > Now, how do I get around that problem? I have see plenty of websites
      > > out there that the page I login from is http. Yet I login securely
      > > through some form that submits an AJAX-ish request. Any ideas?
      >
      > Instead of using Dialog/SimpleDialog, use Panel and create your form
      > -- within an iframe -- as the Panel's content.
      >
      > Connection Manager only uses an iframe to support file uploads. That
      > mechanism doesn't expose nor provide the discrete transaction details
      > that form the response object.
      >
      > Regards,
      > Thomas
      >
    Your message has been successfully submitted and would be delivered to recipients shortly.