Permission Denied

I am evaluating your grid product with good results --- until now. I am developing on a Windows 2000 box on a small intranet using IE. My project resides on a server out on the internet (Windows Server 2003). Was making great progress until the boss wanted to see results on his box - an XP/SP2. All the asp/server side stuff worked fine. I have coded it to load an XML file at the press of a button - after selecting criteria. After initiating the XML load, I get a "permission denied" error, with the warning icon - "Error On Page" - in the lower left corner of the IE window.

Have looked within AW forum for a similiar issue with no success (except Mozilla, which I'm not sure is the same issue).

In particular, I have an asp page that returns XML, so I have:

table.setURL("a asp file within my domain");

And then a request:

table.request;

It is within the table.request call that the "permission denied" occurs.

Any ideas? I have read elsewhere that it may be a caching or registry issue, but wanted to get advice from the masters!

If you are loading the HTML page for the grid from one domain and trying to get AJAX information form another domain you are going to get this error. You are not permitted to cross domains to get code. At this time I do not know of a way around that. Your active content must be served up from the same domain as the page was loaded from. You can get Web Services from other domains, but I think you will get shut down every time when trying to load script from another domain.

All pages are served from the same domain. I don't think it would work on any boxes if I had a cross domain issue... right? The plot has thickened somewhat, the grid only works on my box (Windows 2000). Others in the office have W2K and XP - it works on none of them.

I'll keep trying - have come a long way just to punt!
Any suggestions would be appreciated.

So you are saying that to get to the initial page you have to enter a domain name/web page, not simply a location on a hard drive within your office network? And the ASP page that you are requesting information from is also on that domain? Is the initial page returned as the result of an ASP request or is it a static page? If it is static, may I suggest (just a guess here) that you make it part of an ASP request from the same server. It's possible that the ASP server is looking for some domain cookies and they aren't there in the static page so you get the error. And this may be new behavior introduced in XP. M$ has added much more security related issues to XP, especially in SP2.

Try not using the domain at all try the absolute path without domain as follows.

table.setURL("/somedir/myfile.aspx");

Or what ever flavor of script you are calling. BUt permissions usually mean something is happening. What browser are you using? If you use Firefox the JS console usually gives better errors than IE poop errors.

Response to Jim: Yes, I enter a domain name/web page. The ASP page returning XML is also on that domain. The initial page is ASP.

I discovered - although I thought I had already tried - that setting

Internet Options -> Security/Internet/Custom Level -> Miscellaneous ->
Access data source across domains

to ENABLED - IT WORKS!!.

I will try Tony's suggestion tomorrow. Hopefully we can avoid having our clients mucking around in their Internet Options.

Does this mean that, in fact, I am accessing data across domains?

Thanks for the help (and for future help).

If they are both on the same domain you should not be getting the error unless it is that fact that you are passing a fully qualified URL. I agree with Tony, shortening it to an absolute path might make the problem go away.

Setting the URL to an absolute filename worked! Thanks for the Ajax tutorial. Interesting though, here are the 2 URL's used in this project (well, very close at least):

1) HTTP://www.mydomain.com/subfolder/reportInitalPage.asp
2) HTTP://www.mydomain.com/subfolder/XML_Source.asp

The web app is opened with URL #1, XML is retrieved with URL #2 - specified in the AW setURL() method. This situation caused the "Cross Domain" issue. Changing URL #2 to

/subfolder/XML_Source.asp

cured what IE thought was a "Cross Domain" issue. Still not sure why IE thought this, but I'm happy to leave it as a mystery and move on!
Thanks again!

Thanks to your efforts it looks like we have uncovered an anomoly with IE. So it would be a best practice to always use relative paths instead of absolute URLs. This is good to know. Thanks for the efforts.

Yes, getting in the habit of putting absolute paths and not URL's will also save you if you ever move domains/sub-domains, and don't have to dip into the code and change the domain. As long as you keep the directory paths the same structure on the server of course. Being totally against IE, I believe M$ would call this a "feature" Jim and not an anomoly ;-). (Sorry couldn't resist).

As funky as it may seem, our experience has proven that accessing data from the same domain using slightly different URL's will give you a permission denied problem.

1) HTTP://mydomain.com/subfolder/somePage.asp
2) HTTP://www.mydomain.com/subfolder/anotherPage.asp

It seems that by providing the www. vs. not providing it somehow causes the error.

Oh, and please don't fall into the media trap, and inexperienced programmer trap of calling it "AJAX".

It's called RemoteScripting.....If they wanted to come up with a different name for it, then it should do something different. RemoteScripting has been around and in use since at least 1996.

Michael