Every development pipeline has 2 parts. FIRST to work hard and develop the application. SECOND to work harder and make it compatible with the great arrogant IE.
We have an AngularJS (v1.3.13) application without any server side code developed in Webstorm. We are making REST calls to service. Our application works fine on Chrome and Firefox without any Console errors. However when we try to open the page in IE11 or IE9 (not tried IE10), our page doesn't load. Console suggests we have 2 errors. One of them is Access is Denied on
xhr.open(method, url, true);
in angular.js.
There are number of posts on internet and none seems to be working. This is what I have tried.
Hosting app in IIS with changed Handler Mappings to support Cross Domain calls on an Application pool of .Net v4.0 (as suggested by a Senior)
Tried to disable to cache for HTTP requests.
Adding Domain in trusted site category and also adding locahost/IP to local intranet.
Changing request type to JSONP and trying to add Access-Control-Allow-Origin (with value of *) to headers.
Changing IE settings to allow Cross Domain calls.
Error is still chasing us. Even my colleagues have tried the same on their machines ending up with similar blow. Is there anyone to suggest me something on this.
It may be CORS and I may need to go for xdr (XDomainRequest) but not sure how to use it as error is in angular.js. I am certainly no expert on this so please suggest.
Screen shot of the error:
IE shows another error:
[$injector:nomod] Module 'ngLocale' is not available!
You either misspelled the module name or forgot to load it.
If registering a module ensure that you specify the dependencies
as the second argument.
http://errors.angularjs.org/1.2.16/$injector/nomod?p0=ngLocale which I am ignoring for now.
Please suggest me something on this.
Thanks.
I switched from 1.3.4 to 1.4.8 and that did the trick. No more Angular Access Denied in I.E. (Microsoft Edge 25 2015). I don't know why.
<script src="https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.4.8/angular.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/angular-route.js/1.4.8/angular.min.js"></script>
Access is Denied on IE11 in AngularJS error have a solution on this link
I also got the same error while downloading Image from IE11. I have just added the following line in my code and It works.
window.navigator.msSaveBlob(blob, paramDataObject.fileName);
or
window.navigator.msSaveOrOpenBlob(blob, paramDataObject.fileName);
Have you tried xdomain? https://github.com/jpillora/xdomain it's a pure javascript CORS alternative.
if (window.navigator && window.navigator.msSaveOrOpenBlob) {
window.navigator.msSaveOrOpenBlob(blob);
}
else {
var objectUrl = URL.createObjectURL(blob);
window.open(objectUrl);
}
Setting window.location or window.open in AngularJS gives "access is denied" in IE 11
Related
I'm reading out the header of a webpage through:
var srccat=$("*").contents().filter(function(){return this.nodeType == 8;}).get(0).nodeValue;
Then I'm doing some splits and all, which is all working fine.
(I have to read out the header, because a variable is being 'displayed' as text and there is no other way to get to this info...)
However, the page isn't rendering correctly (because it depends on this) and is throwing an error in the console:
"SCRIPT5: Access is denied."
According to the link to "SCRIPT5" (https://msdn.microsoft.com/query/dev12.query?appId=Dev12IDEF1&l=EN-US&k=k(VS.WebClient.Help.SCRIPT5)), it states: "A script tried to access data from a source other than the host of the current page. The Same Origin Policy followed by Internet Explorer and other browsers allows scripts to access data only from sources with the same scheme, host, and port of the URL of the current page."
I assume this has to do with Backbone. I'm not THAT familiar with it, but I understand that it works as a page within a page, so that in my case it's reading information from the 'parent' page.. and I guess this is not allowed in IE...
The error ONLY occurs in IE(11), not in Firefox or Chrome.
Is there a workaround for this?
I had the same problem with CORS within IE only. I had to use a work around of jQuery's CORS support.
// enables cross origin ressource sharing with IE9
$.support.cors = true;
Is it safe to use $.support.cors = true; in jQuery?
Place this before any other ajax requests are made but after loading jQuery (obviously).
I am using Backbone.LocalStorage plugin with backbone app. It is working fine in chrome and safari however, it is giving me below error in firefox.
DOMException [SecurityError: "The operation is insecure."
code: 18
nsresult: 0x80530012
location: http://localhost:8000/js/libs/backbone.localStorage/backbone.localStorage.js?version=1453910702146:137]
I am using python simpleHttpServer
How can I resolve this error?
UPDATE
Here is my code.
paths: {
'jquery' : 'libs/jquery/dist/jquery',
'underscore' : 'libs/underscore/underscore',
'backbone' : 'libs/backbone/backbone',
'localStorage' : 'libs/backbone.localStorage/backbone.localStorage',
'text' : 'plugins/text'
}
Here is collection where localStorage is used.
var Items = Backbone.Collection.extend({
model: SomeModel,
localStorage: new Backbone.LocalStorage('items'),
});
UPDATE 2
I am using firefox 36.
UPDATE 3
It seems like it is a CORS issue but my firefox version is 36. Which should be fine.
UPDATE 4
I am also getting this error in firefox nightly version 44. I also updated my firefox to version 44. Still same error.
Make sure Firefox has cookies enabled.
The setting can be found under Menu/Options/Privacy/History
In the dropdown, select either 'Remember History' or if You prefer use custom settings for history, but select option Accept cookies from sites
Hope it helps.
This happens when we try to access a resource (CSS...) that is located on a different domain. To deal with this error we can use this:
try {
//your critical access to ressources !
//rules = document.styleSheets[i].cssRules;
} catch(e) {
if(e.name !== "SecurityError") {
throw e;
}
Make sure your domains are same. verify Same Origin Policy which means same domain, subdomain, protocol (http vs https) and same port.
What is Same Origin Policy?
How does pushState protect against potential content forgeries?
I had similar issue with one script, I dig into error and found it required SSL websockets, so I started SSL and again checked, and It worked.
Try enabling HTTPS and access website as https://127.0.0.1/ It may solve error.
I am writing my first WebAPI service, to be called from a pure HTML/javascript application. I am starting visual studio first, then running my app in Safari ( it refuses to run in Chrome, and gives this exact error no matter what I do, but has been fine in Safari until now ).
Based on my other SO reading on this, I've added a header that is Access-Control-Allow-Origin with a value of *.
When I push the button in my web app, it makes an AJAX call and I can step through the debugger to see that it's calling my service fine. When it returns, it always returns an object, and the error in Safari in the console is "XMLHttpRequest cannot load (myurl). Origin file :// is not allowed by Access-Control-Allow-Origin".
Any suggestions for how to get Safari to accept the return value would be greatly appreciated. As I said, it's returning a class, which I expected WebAPI would turn in to a JSON string to return to the browser. I don't know if I'm doing something wrong here, or if something is wrong in Safari. I should mention, although I think it's obvious, I am using MVC4, ergo I am using Safari on Windows, not Mac.
Thanks
How are you currently adding the header? The problem isn't getting safari to accept the return value, your WebAPI is rejecting the request.
Here's an article on how to implement CORS in Web API v1 (MVC4). http://goo.gl/BZkrlf
If you can use MVC5/WebAPI v2, there is an easier way to enable CORS via a NuGet package (see this how-to http://goo.gl/60YkgX)
This is an issue with protocol mismatch. You cannot send a cross domain request to HTTP protocol if the request is originating from the FILE protocol. Try viewing the page using a local webserver so you can preview the page in the browser using HTTP. I have experienced this same issue - it is browser side and not a problem with your service.
You can use Microsoft.AspNet.Cors from nuget and adding
var attr = new EnableCorsAttribute("", "", "GET");
config.EnableCors(attr);
to WebApiConfig.cs
I am getting (NS_ERROR_DOCUMENT_NOT_CACHED) error when I try to access the Javascript code through firefox.I get this error in the contents tab of HTTPFOX.
I googled and set the parameters of browser in config file as specified in this site but it still doesn't work.
http://code.google.com/p/httpfox/issues/detail?id=20
Can somebody suggest whats going wrong since the same code works fine for safari browser..
If anyone is interested in a solution to this, I believe it's to do with the plugin noscript. Disabling it fixed this, but I have yet to work out what part of noscript was causing the issue. Will update if I find out.
Edit:My issues was with a twitter auth callback. In the Advanced settings of noscript under ABE, in the SYSTEM ruleset, on the line "Accept from LOCAL" I added "*.twitter.com". This allowed callback requests from *twitter.com to return to a local address.
On my macbook I had to uninstall firefox completely to correctly get the content of an ajax response with httpfox. This also implies to remove the firefox profile bij removing this Firefox folder (I could only find it via the terminal and not via Finder):
/Users/<YOURUSER>/Library/Application Support/Firefox
Then install firefox again and install the httpfox add-on.
I tried many cache settings also by entering about:config in the firefox URL however without succes. Be aware that removing the profile settings like I describe will also remove all your personal firefox customization. It concerned firefox 18.0.2 and httpfox 0.8.11.
We used to get the same error when our JavaScript made an XMLHTTPRequest to the server. On the server side, we had java, and the java response, the content type was not explicitly set to "text/html". When that was done
resp.setContentType("text/html");
the error went away.
I get the following error in Chrome's developer tools window when I try to set a cookie using this jQuery plugin:
Uncaught Error: SECURITY_ERR: DOM Exception 18
What does this error mean and how can I fix it? I get the same error when I use this jQuery plugin.
You're most likely using this on a local file over the file:// URI scheme, which cannot have cookies set. Put it on a local server so you can use http://localhost.
I also had this issue while developping on HTML5 in local.
I had issues with images and getImageData function.
Finally, I discovered one can launch chrome with the --allow-file-access-from-file command switch, that get rid of this protection security.
The only thing is that it makes your browser less safe, and you can't have one chrome instance with the flag on and another without the flag.
You can also "fix" this by replacing the image with its inline Base64 representation:
img.src= "data:image/gif;base64,R0lGODlhCwALAIAAAAAA3pn/ZiH5BAEAAAEALAAAAAALAAsAAAIUhA+hkcuO4lmNVindo7qyrIXiGBYAOw==";
Useful, when you do not intend to publish the page on the web, but instead use it on local machines only.
Faced with the same situation playing with Javascript webworkers. Unfortunately Chrome doesn't allow to access javascript workers stored in a local file.
One kind of workaround below using a local storage is to running Chrome with --allow-file-access-from-files (with s at the end), but only one instance of Chrome is allowed, which is not too convenient for me. For this reason i'm using Chrome Canary, with file access allowed.
BTW in Firefox there is no such an issue.
This error pops up, if you try to create a web worker with data URI scheme.
var w = new Worker('data:text/javascript;charset=utf-8,onmessage%20%3D%20function()%20%7B%20postMessage(%22pong%22)%3B%20%7D'); w.postMessage('ping');
It's not allowed according to the standard: http://www.whatwg.org/specs/web-apps/current-work/multipage/workers.html#dom-worker
I had this issue when using the history API.
window.history.pushState(null, null, URL);
Even with a local server (localhost), you want to add 'http://' to your URL so that you have something similar to:
http://localhost...
I wasn't completely happy by the --allow-file-access-from-files solution, because I'm using Chrome as my primary browser, and wasn't really happy with this breach I was opening.
Now I'm using Canary ( the chrome beta version ) for my development with the flag on.
And the mere Chrome version for my real blogging : the two browser don't share the flag !
One can also receive this error if using the new (so far webkit only) notification feature before getting permission.
First run:
<!-- Get permission -->
<button onclick="webkitNotifications.requestPermission();">Enable Notifications</button>
Later run:
// Display Notification:
window.webkitNotifications.createNotification('image', 'Title', 'Body').show();
The request permission functions needs to be triggered from an event caused by the user, otherwise it won't be displayed.
I was been getting that error in mobile safari when using ASP.NET MVC to return a FileResult with the overload that returns a file with a different file name than the original. So,
return File(returnFilePath, contentType, fileName);
would give the error in mobile safari, where as
return File(returnFilePath, contentType);
would not.
I don't even remember why I thought what I was doing was a good idea. Trying to be clever I guess.