Hans Gunnar
Top achievements
Rank 1
Rank 1
Hans Gunnar
asked on 24 Sep 2009, 12:58 PM
We have a customer with the website www.customer.com. When a visitor enters the site a RadWindow is opened with a survey. This survey comes from the domain survey.customer.com (both located on the same physical server).
This works just fine, but when trying to close the RadWindow with anything other than the "x" in the top right a javascript error occurs, saying Access Denied.
This is from the FireFox error console:
I'm calling a javascript-function CloseRadWindow on survey.customer.com to close the RadWindow.
Here is the javascript used:
Is there any solution to this? I have used a similar approach for another customer, but at that time both pages where on the same domain/subdomain - I suspect the issue might be different subdomains here?
If there are any other easy ways to close the RadWindow from within the RadWindow itself I'm happy to hear about it.
FYI: No error is displayed when testing on the dev-computer running both projects on localhost.
Br,
Hans
This works just fine, but when trying to close the RadWindow with anything other than the "x" in the top right a javascript error occurs, saying Access Denied.
This is from the FireFox error console:
| Error: Permission denied for <http://survey.customer.com> to get property HTMLIFrameElement.radWindow from <http://www.customer.com>. |
| Source File: http://survey.customer.com/content/pages/smallstartpage.aspx?code=123 |
| Line: 36 |
I'm calling a javascript-function CloseRadWindow on survey.customer.com to close the RadWindow.
Here is the javascript used:
| <script type="text/javascript" language="javascript"> |
| function GetRadWindow() { |
| var oWindow = null; |
| if (window.radWindow) oWindow = window.radWindow; |
| else if (window.frameElement.radWindow) oWindow = window.frameElement.radWindow; |
| return oWindow; |
| } |
| function CloseRadWindow() { |
| var oWindow = GetRadWindow(); |
| if (oWindow != null) |
| oWindow.Close(); |
| else |
| close(); |
| } |
| </script> |
Is there any solution to this? I have used a similar approach for another customer, but at that time both pages where on the same domain/subdomain - I suspect the issue might be different subdomains here?
If there are any other easy ways to close the RadWindow from within the RadWindow itself I'm happy to hear about it.
FYI: No error is displayed when testing on the dev-computer running both projects on localhost.
Br,
Hans
9 Answers, 1 is accepted
0
Hello Hans,
This error is expected - it is occurring because of the cross-frame security mechanism implemented in the browser. You will get the same error if you replace the RadWindow with a standard IFRAME and try to modify it or any other object on the main page from within the content one. In your scenario you could try using document.domain to work around this restriction. More information on the subject is available here.
Sincerely yours,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
This error is expected - it is occurring because of the cross-frame security mechanism implemented in the browser. You will get the same error if you replace the RadWindow with a standard IFRAME and try to modify it or any other object on the main page from within the content one. In your scenario you could try using document.domain to work around this restriction. More information on the subject is available here.
Sincerely yours,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
0
Hans Gunnar
Top achievements
Rank 1
Rank 1
answered on 28 Sep 2009, 08:59 AM
Ok, that sounds reasonable.
The "x" button in the titlebar works even if domains are different. Is the javascript for this close-button placed on the parent then?
The "x" button in the titlebar works even if domains are different. Is the javascript for this close-button placed on the parent then?
0
Yes, the [X] button, being part of the RadWindow, is rendered on the parent page, where the control's JavaScript is.
Best wishes,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
0
Karl Wilkens
Top achievements
Rank 1
Rank 1
answered on 17 Jan 2010, 03:27 PM
Hi I have this scenario as well and am not at all sure how to reference the radwindow.
function GetRadWindow()
{
var oWindow = null;
if (document.domain.radWindow) oWindow = window.radWindow;
else if (document.frameElement.radWindow) oWindow = document.domain.frameElement.radWindow;
return oWindow;
}
this does not work. Does anyone have a solution? Thanks.
function GetRadWindow()
{
var oWindow = null;
if (document.domain.radWindow) oWindow = window.radWindow;
else if (document.frameElement.radWindow) oWindow = document.domain.frameElement.radWindow;
return oWindow;
}
this does not work. Does anyone have a solution? Thanks.
0
Hi Karl,
For the GetRadWindow() code to work, e.g. to be able to get a reference to the RadWindow wrapper on the parent page, both content and parent page should be using https.
Regards,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
For the GetRadWindow() code to work, e.g. to be able to get a reference to the RadWindow wrapper on the parent page, both content and parent page should be using https.
Regards,
Georgi Tunev
the Telerik team
Instantly find answers to your questions on the new Telerik Support Portal.
Watch a video on how to optimize your support resource searches and check out more tips on the blogs.
0
Scott Semyan
Top achievements
Rank 1
Rank 1
answered on 18 Feb 2010, 09:47 PM
Is there any way to specify HTTPS using the window manager? We are using radopen to open the page like so:
radopen('mypage.aspx')
Ideally there would be some setting to specify opening the page in HTTPS (it seems to be opening in HTTP). Otherwise we will be forced to do:
radopen('https://www.mysite.com/mypage.aspx')
Edit: to clarify, the parent page is HTTPS and the radopen call is opening the iframe as HTTP
radopen('mypage.aspx')
Ideally there would be some setting to specify opening the page in HTTPS (it seems to be opening in HTTP). Otherwise we will be forced to do:
radopen('https://www.mysite.com/mypage.aspx')
Edit: to clarify, the parent page is HTTPS and the radopen call is opening the iframe as HTTP
0
Hi Scott,
RadWindow is basically an IFRAME and it behaves like one - you will get the same behavior when you use IFRAME instead of our control. There is no way you could force the manager to open pages in https so I would suggest to use the full Url in the radopen() function.
All the best,
Georgi Tunev
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
RadWindow is basically an IFRAME and it behaves like one - you will get the same behavior when you use IFRAME instead of our control. There is no way you could force the manager to open pages in https so I would suggest to use the full Url in the radopen() function.
All the best,
Georgi Tunev
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
0
Scott Semyan
Top achievements
Rank 1
Rank 1
answered on 19 Feb 2010, 05:19 PM
Thanks for the reply. I was actually able to fix this by adding the page in the radOpen call to the list of ignoredHandlers in the web.config. Like so:
Calling page:
<button onclick="radopen('mypage.aspx');" />
web.config:
Calling page:
<button onclick="radopen('mypage.aspx');" />
web.config:
<secureWebPages mode="On" ignoreHandlers="WithStandardExtensions" secureConnectionIndicator="HTTPHeader" httpHeaderName="ConnectionEncrypted">
<files>
<add path="mypage.aspx" />
</files>
</secureWebPages>
0
wnl
Top achievements
Rank 1
Rank 1
answered on 10 Nov 2011, 12:53 PM
Could you paste all sections from web.config that correspond with this setting?