I do not believe that their is a hack for this. The cross-domain scripting is disabled within ajax as it poses a greater security risk than what it gives benefits for. The good news is that the source for Ajax will be released sometime next month and you can modify to allow the behavior you want...
I can understand blocking cross-domain scripting, that makes perfect sense. But in this case it shouldn't be doing any cross-domain scripting at all. In that demo link i put up I just put the Ajax Control Toolkit page in a frame. I'm pretty sure the ajax control toolkit page isn't trying to interface with my frame. Besides, it gives an access denied error, but all the Ajax functions still work inside the frame.
It looks to me like a special case - cross-domain frames - is not handled correctly by the Ajax library and it is trying to reference an object - top.document - without first checking if it _can_ access that object. It's like not checking for null and then getting an NPE...
I would be fine with modifying source to fix the problem, but sometime next month is too far away for my current problem. I guess I'll have to stick with RC1 for now. Bummer.
christopher
Looks like you do not have to wait now the source is released:http://ajax.asp.net/downloads/default.aspx?tabid=47
Awesome. thanks for the heads up.
Hi,
I just published a blog post that explains the issue and gives a workaround:
http://weblogs.asp.net/bleroy/archive/2007/01/31/how-to-work-around-the-quot-access-denied-quot-cross-domain-frame-issue-in-asp-net-ajax-1-0.aspx
Hope this helps
Bertrand
No comments:
Post a Comment