tags:

views:

649

answers:

3
+1  Q: 

Enabling cross domain scripting in the intranet

Hi,

I'm having a few problems with an application that integrates sharepoint, SQL reporting services and a bunch of custom forms that are built using ASP.NET MVC.

Assuming my servers are as follows;

  • MOSS
  • SSRS
  • Custom forms

In MOSS, my portal has need on occassion to popup a custom form to capture user input. I've done this by using a jQuery dialog (using Boxy), which iframes the custom form in and passes the url of the portal into it. When the custom form is finished, it navigates the parent window (the MOSS portal) to the URL passed in, which effectively refreshes the page.

This was working fine until we threw in the complexity of SSRS.

Now in MOSS, I have a report that lists some data, but the SSRS report viewer web part seems to iframe it's report content in, which means the hyperlinks from the report can't ask the parent to overlay the same dialogs (as it's cross domain) and if it were to perform the overlay itself, it would just overlay the iframe.

Sorry for the long post, getting to the point - this is an internal intranet application only. Is it possible to allow cross domain scripting somehow so that the popup dialogs can all be controlled from javascript within the sharepoint portal and SSRS and my custom forms can just invoke javascript methods on the parent?

Preferably I wouldn't want to have to do configuration in the client browser to allow this to happen, as I'd have to roll that change out to all the machines within the estate - which is a significant number.

Thanks in advance, beer available to anyone who can solve my woes ;)

Cheers, Tony

+2  A: 

IE8, Firefox 3, recent Opera and Safari/Chrome support postMessage which allows cooperating pages on different domains to talk to each other:

http://ajaxian.com/archives/cross-window-messaging-with-html-5-postmessage

If you are stuck with older browsers, you have few options. The cleanest is to send everything that needs to communicate with each other through the same proxy, although in the OP's situation it looks like this isn't possible.

The next cleanest is to use Flash's cross-domain facility.

Another option is xssinterface, which wraps postMessage where available and uses some voodoo involving cookies and polling where it isn't.

The only other option is to use hidden iframes - to send a message to a page, change the iframe's location to one on the destination page's domain and poll in the destination page - but again I think the proxying in the OP's case makes this unworkable.

Andrew Duffy  2009-10-20 09:17:58
Thanks for the info! Darn though - IE6 is deployed across the business at the moment. Any way to do it with this?
deepcode.co.uk  2009-10-20 09:46:01
Edited to add more options
Andrew Duffy  2009-10-20 11:15:17
Thanks for the answer. Going to try and get IE8 standardisation in this instance, failing that will checkout the xssinterface. Out of interest would this work with popup windows too? IE: It would be good for a popup to be able to call back into window.opener..... :)
deepcode.co.uk  2009-10-20 17:01:53
postMessage and Flash will work wherever you have control over both ends of the communication; I think xssinterface's cookie method will work too. Iframes are very flaky.
Andrew Duffy  2009-10-20 23:50:35
A: 

There is another option in addition to those Andrew provides. You can dynamically inject script tags into the DOM, wherein the src attribute can point to a javascript file on any domain.

In jQuery you accomplish this by specifying "jsonp" as the datatype for the ajax request. You can read more about this approach here:

http://blog.ropardo.ro/2009/09/23/cross-domain-ajax-calls/

Matt Baker  2009-10-21 00:55:21
A: 

I finally got around these issues by using hidden iframes as suggested. I posted an article on my blog with more details and pushed the code onto codeplex:

http://www.deepcode.co.uk/2009/11/overcoming-cross-domain-issues-between.html

deepcode.co.uk  2009-11-16 16:00:42

related questions

Fast SQL Server 2005 script generation
In Exchange (2003) how do I list the forms used in the public folder tree ?
Can Windows' built-in ZIP compression be scripted?
Set up PowerShell Script for Automatic Execution
Automated script to zip IIS logs?
Windows Mobile - What scripting platforms are available?
Best way to extract data from a FileMaker Pro database in a script?
which language you use for "throw away" programs?
Delete all but the most recent X files in bash
In SQL Server, how do I generate a CREATE TABLE statement for a given table?
Batch file to "Script" a Database
Is it OK to drop sql statistics?
How do I generate scripts that will rebuild my MS SQL Server 2005 database WITH data?
Which scripting language to support in an existing codebase?
quoting System.DirectoryServices.ResultPropertyCollection
Automate adding entries to a wiki
Can I copy files to a Network Place from a script or the command line?
How do you use PowerShell?
How to resolve symbolic links in a shell script
showing a message box from a bash script in linux
Date arithmetic in Unix shell scripts
Common Types of Subversion Hooks
MS-SQL: Drop all tables whose names begin with a certain string
What PHP framework would you choose for a new application and why?
Adding Scripting functionality to .NET applications