security - Ajax giving Acess Denied error -

-


security - Ajax giving Acess Denied error -

i trying ajax request 192.158.110.129:5000 (flask webserver), while whole website served 192.168.110.129:8080(apache). access denied error in browsers . how can resolve ? need understand whats happening , can prepare . document.domain="192.168.110.129" in firefox . think cross site script injection security measure can clarify ?

there isn't much code can show using api's. this. have html textarea loaded ckeditor script . access through apache . spell checking modified plugin , sending request flash web server .

request = "192.158.110.129:5000?data=data" var data=ckeditor.ajax.load(request);

this doesn't through .

so file serving through apache , ajaxing flash server python action . someone suggested 'proxy' or jsonp solutions . can read on that ?

xhr requests restricted same-origin policy allows requests within same origin due security reasons. 192.168.110.129 allowed send xhr requests 192.168.110.129 not 192.158.110.129.

changing document.domain doesn’t help here. besides allowed utilize proper (super-) domain foo.example.com , bar.example.com agree on example.com, dom access , not xhr requests.

an extension xhr cross-origin resource sharing allows cross-origin requests under specific conditions. 1 status receiving site authorizes requests scripts site. done access-control-allow-origin response header field. can either contain list of allowed origins or * wildcard.

so seek send access-control-allow-origin: * on 192.158.110.129 machine.

ajax security web

Comments

Post a Comment

Popular posts from this blog

How do I check if an insert was successful with MySQLdb in Python? -

-
How do I check if an insert was successful with MySQLdb in Python? - i have code: cursor = conn.cursor() cursor.execute(("insert new_files (videos_id, filename, " "is_processing) values (%s,%s,1)"), (id, filename)) logging.warn("%d", cursor.rowcount) if (cursor.rowcount == 1): logging.info("inserted values %d, %s", id, filename) else: logging.warn("failed insert values %d, %s", id, filename) cursor.close() fun is, cursor.rowcount always one, though updated database create videos_id unique key. is, insert fails because in tests same videos_id going appear (and when check database, nil inserted). whatever reason, rowcount 1 - logging.warn have spits out rowcount of 1. so, question: can utilize rowcount work out if insert went fine? if so, (presumably) doing wrong? otherwise, how check if insert went fine? your code not commit after modifications (your modifications rolled back). should...
Read more

delphi - blogger via idHTTP : error 400 bad request -

-
delphi - blogger via idHTTP : error 400 bad request - i'm trying post blogger using idhttp component, however, i'm getting "http/1.0 400 bad request" error. procedure tform1.button1click(sender: tobject); var request,response,req : tstringlist; auth,blogid : string; begin blogid := '00000000000000000000000'; request := tstringlist.create; response := tstringlist.create; req := tstringlist.create; idhttp1.request.connection := 'keep-alive'; idhttp1.request.contenttype := 'application/x-www-form-urlencoded'; idssliohandlersocket1.ssloptions.method := sslvsslv23; request.clear(); request.values['accounttype'] := 'google'; request.values['email'] := 'xxx@gmail.com'; request.values['passwd'] := 'yyy'; request.values['service'] := 'blogger'; response.text :=idhttp1.post('https://www.google.com/accounts/clientlogin',request); auth := resp...
Read more

postgresql - ERROR: operator is not unique: unknown + unknown -

-
postgresql - ERROR: operator is not unique: unknown + unknown - i have postgis database , have compute new values rows in new column. these values should average of values of several columns. query: insert bdps (da_m) values (avg('da_1'+'da_2'+'da_3'+'da_4'+'da_5'+'da_6'+'da_7')); in query bdps database, da_m new column , da_1 da_7 existing columns have double precision type. da_m created using alter table bdps add together column da_m double precision; i next error: error: operator not unique: unknown + unknown line 2: values (avg('da_1'+'da_2'+'da_3'+'da_4'+'da_5'+'da_6'+'da_7... ^ hint: not take best candidate operator. might need add together explicit type casts. ********** error ********** error: operator not unique: unknown + unknown sql state: 42725 hint: not take best candidate operator. might need add togethe...
Read more