Best IT Recipes

What does this JavaScript error mean? Permission denied for calling a method in Location.toString

This error began to appear on the entire site.

Permission denied for calling Location.toString method

I see google posts that suggest this is related to flash and our crossdomain.xml. What caused this and how do you fix it?

+6
javascript flash
Aug 27 '08 at 16:02
source share
4 answers

Do you use javascript to communicate between frames / iframes that point to different domains? This is not permitted by the JS security policy of "same origin / domain". That is, if you have

<iframe name="foo" src="foo.com/script.js"> <iframe name="bar" src="bar.com/script.js">

And the script on bar.com is trying to access window["foo"].Location.toString , you will get this (or similar) exception. Also note that the same origin policy can also work if you have content from different subdomains. Here you can find a brief and detailed explanation of this with examples.

+7
Aug 27 '08 at 16:14
source share

You may have come across this publication , but it seems the update for the Flash update has changed the behavior of crossdomain.xml, requiring you to specify a security policy that allows you to send arbitrary headers from a remote domain. The Adobe Knowledge Base article (also mentioned in the original post) here .

+2
Aug. 27 '08 at 16:19
source share

This post assumes that there is one line that should be added to the crossdomain.xml file.

 <allow-http-request-headers-from domain="*" headers="*"/>
0
Aug 27 '08 at 17:19
source share

This is probably due to a change in the version of Flash Player released in early April, I'm not too sure about the specifics, but I assume that there were security issues with this functionality.

What you need to do is add this to your crossdomain.xml (which should be located on your web server)

You can read more here: http://www.adobe.com/devnet/flashplayer/articles/flash_player9_security_update.html

A typical example of crossdomain.xml is twitters , more detailed information on how the file works can be found here.

0
Aug 27 '08 at 19:58
source share


More articles:


All Articles