Life, SAP, Consulting, Programming, Coding, ASP.NET, Sharepoint, MVC, Javascript, PHP, WebDesign, CSS, HTML

Issues Solving Tip:”This page is accessing information that is not under its control. This poses a security risk. Do you want to continue?”

Hi there!

This is because your page is trying to make an ajax request to a host that not have the same address as yours.

Have you ever met such a weird message like that?

Or have you ever encourter with an ajax work that do not excute because it made a request to a remote server, but didn’t work in firefox or IE either? There is a simple way is that configure your browser to allow cross-site request. Here are the steps you need to do:

Start IE

On the Tools menu, click Internet Options.

On the Security tab, click Internet, and then click Custom Level.

In the Security Settings list, change Access data sources across domains (under Miscellaneous) to Enable.

Click OK to close the Security Settings dialog box.

Click Yes when you receive the following message: Are you sure you want to change the security settings for this zone?

OK. The configuration is even more complex in firefox. I haven’t tried it so I will not list out here.

The problem is that you can do it on your computer. But in a long term, It is not safe, you can be attached by XSS(Cross-site scripting) when you surf through other web. The risk is same for your web users. No one want that danger.

So, what is the the solution. I have a small tip: Instead of requesting directly to the other site by ajax/javascript, Create a page that do that on your server. Then you just simply request to your server to get the date.

The following example explains the tip in ASP.NET

The original request that cause error:

$.getJSON(http://maps.google.com/maps/api/geocode/json?sensor=false&address=” + address,fetchDataMap);

Then change it to your own server request:

$.getJSON(http://yourserver/geocode_json.aspx?sensor=false&address=” + address,fetchDataMap);

Creat the server-side script:

public string parseJson(){

string sensor = Request[“sensor”];

string address = Request[“address”];

WebRequest request = WebRequest.Create (“http://maps.google.com/maps/api/geocode/json?sensor=”+sensor+”&address=”+ address);

// If required by the server, set the credentials.

request.Credentials = CredentialCache.DefaultCredentials;

// Get the response.

HttpWebResponse response = (HttpWebResponse)request.GetResponse ();

// Display the status.

Console.WriteLine (response.StatusDescription);

// Get the stream containing content returned by the server.

Stream dataStream = response.GetResponseStream ();

// Open the stream using a StreamReader for easy access.

StreamReader reader = new StreamReader (dataStream);

// Read the content.

string responseFromServer = reader.ReadToEnd ();

// Display the content.

// Cleanup the streams and the response.

reader.Close ();

dataStream.Close ();

response.Close ();

return responseFromServer;

}

Done!!!!!!

Advertisements

Comments on: "Issues Solving Tip:”This page is accessing information that is not under its control. This poses a security risk. Do you want to continue?”" (1)

  1. Mike Marks said:

    Don’t worry, this isn’t spam- I’ve also been looking for a solution to this whole “cross domain data access” thing. Thx for the info.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: