Geek Answers Handbook

How to execute cross-domain request in a Webbrowser control?

As you know, XMLHTTP is not allowed for requests in Cross Domain format for security reasons in Internet Explorer.

I have a WebBrowser control and I use DocumentText instead of Navigate for the URL. Since the current domain is about:blank , when the page tries to query itself or another domain, I get an Access is denied Javascript error.

Even if I use Navigate , if Javascript makes a request in a different domain, it does not work.

How can I get around this?

This HTML code should work with WebBrowser Control:

 <body> <a href="javascript:getit('http://www.google.com')">this should work</a> <div id="x"></div> </body> <script> function XHConn() { var xmlhttp, bComplete = false; try { xmlhttp = new ActiveXObject("Msxml2.XMLHTTP"); } catch (e) { try { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { try { xmlhttp = new XMLHttpRequest(); } catch (e) { xmlhttp = false; }}} if (!xmlhttp) return null; this.connect = function(sURL, sMethod, sVars, fnDone) { if (!xmlhttp) return false; bComplete = false; sMethod = sMethod.toUpperCase(); try { if (sMethod == "GET") { xmlhttp.open(sMethod, sURL+"?"+sVars, true); sVars = ""; } else { xmlhttp.open(sMethod, sURL, true); xmlhttp.setRequestHeader("Method", "POST "+sURL+" HTTP/1.1"); xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); } xmlhttp.onreadystatechange = function(){ if (xmlhttp.readyState == 4 && !bComplete) { bComplete = true; fnDone(xmlhttp); }}; xmlhttp.send(sVars); } catch(z) { return false; } return true; }; return this; } function getit(url){ var xmlhttp = new XHConn(); var fnWhenDone = function (oXML) { document.getElementById('x').innerHTML = oXML.responseText; alert(oXML.responseText); }; xmlhttp.connect(url, "GET", "", fnWhenDone); } </script>
+4
source share
5 answers

I found a dirty workaround, loaded local HTML (c: \ temp \ temp.html), and then changed its contents using javascript.

After this point, there are no more CrossDomain restrictions, but using document.write causes other unpleasant problems, such as jQuery .ready functions, will not work.

+6
source

I don’t understand which domain you don’t have access to Javascript on ... Have you tried using the script tag to get data from another domain? You can use JSONP idiom for data namespace ...

 var head = document.getElementsByTagName("head")[0]; var script = document.createElement("script"); script.src = "anotherdomain.com/data?callback=myFunction"; head.appendChild(script);

And then on "/ data":

 myFunction({ // data here });
0
source

URLACTION-CROSS-DOMAIN-DATA seems to be in the right direction: Read this to find out why

0
source

The only way to do this is to make sure your code runs in a trusted zone (or higher than the HTA). By default, everything that works inside the WebBrowser control is executed in the zone from which the files from which the service is executed originate. (i.e. standard IE security policies are used).

To change this behavior, you will need to change the application that hosts the WebBrowser control and implement several interfaces in this WebBrowser control. (IInternetHostSecurityManager, IInternetZoneManager and IInternetSecurityMgrSite are the ones you should pay attention to.) This is not a trivial task, and documentation on this subject is not enough at best.

Once this is done, your code can work with any privileges you need, and cross-domain access requests are as simple as resetting high Mime-Sweeper rates.

Hope this helps.

0
source

Check it out, it worked for me like a charm. http://support.microsoft.com/default.aspx?scid=kb;en-us;246227

0
source

More articles:


All Articles