is IE6 violating the same-origin policy?

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • jackchang1@gmail.com

    is IE6 violating the same-origin policy?

    I had a web page hosted in one domain. In IE6 it is able to request
    data from another page in a different domain using XMLHttpRequest
    object. It fails in IE7/Firefox/Safari. Can you confirm that the
    XMLHttpRequest object in IE6 violate the same-origin policy? I am not
    sure if it was my error or IE6's fault. Thank you!
  • Martin Honnen

    #2
    Re: is IE6 violating the same-origin policy?

    jackchang1@gmai l.com wrote:
    I had a web page hosted in one domain. In IE6 it is able to request
    data from another page in a different domain using XMLHttpRequest
    object. It fails in IE7/Firefox/Safari. Can you confirm that the
    XMLHttpRequest object in IE6 violate the same-origin policy? I am not
    sure if it was my error or IE6's fault. Thank you!
    IE 6 does not have an XMLHttpRequest object, that was only introduced in
    IE 7.
    If you are talking about new ActiveXObject(' Msxml2.XMLHTTP' ), whether
    that can make requests to different domains can be configured for each
    security zone that IE has. I think with Windows XP SP 2 the default
    setting for the internet zone is that such requests are not possible.
    The settings for the intranet zone might be different.

    --

    Martin Honnen

    Comment

    • jackchang1@gmail.com

      #3
      Re: is IE6 violating the same-origin policy?

      On Aug 27, 9:49 am, Martin Honnen <mahotr...@yaho o.dewrote:
      jackcha...@gmai l.com wrote:
      I had a web page hosted in one domain. In IE6 it is able to request
      data from another page in a different domain using XMLHttpRequest
      object. It fails in IE7/Firefox/Safari. Can you confirm that the
      XMLHttpRequest object in IE6 violate the same-origin policy? I am not
      sure if it was my error or IE6's fault. Thank you!
      >
      IE 6 does not have an XMLHttpRequest object, that was only introduced in
      IE 7.
      If you are talking about new ActiveXObject(' Msxml2.XMLHTTP' ), whether
      that can make requests to different domains can be configured for each
      security zone that IE has. I think with Windows XP SP 2 the default
      setting for the internet zone is that such requests are not possible.
      The settings for the intranet zone might be different.
      >
      --
      >
      Martin Honnen
      http://JavaScript.FAQTs.com/
      Thank you Martin! Yeah, you are right about
      ActiveXObject(' Msxml2.XMLHTTP' ). For requests to different domains, I
      enable the access to different domain for internet and I guess that is
      why in IE6 the page A is able to get data from the page B in different
      domain. But I still wondering why page A from local disk is able to
      get data from page B in another domain.

      Comment

      Working...