JavaScript Same origin policy
mbuckley
Basically the extension inserts a img into the current document and
makes it draggable so designers can compare their design compositions
with the html that they are developing.
I would like to use some of the effects found on this page (http://
www.nihilogic.dk/labs/imagefx/). I have run into the same origin
policy issue:
Error: uncaught exception: [Exception... "Security error" code:
"1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location:
"file:///home/mbuckley/Desktop/invert/imagefx_invert.js Line: 12"]
I imagine this is happening because the image that I am trying to
manipulate has a chrome src (chrome://pixelperfect/content/images/
test.png) which does not match the current domain (http://
www.somedomain.com).
Is there anyway to work around this specifically for extension
developers?
John J. Barton
> I am the developer of the pixel perfect firefox/firebug extension.
> Basically the extension inserts a img into the current document and
> makes it draggable so designers can compare their design compositions
> with the html that they are developing.
>
> I would like to use some of the effects found on this page (http://
> www.nihilogic.dk/labs/imagefx/). I have run into the same origin
> policy issue:
Just curious, why did you say "the same origin policy issue" rather than
"obscure unknown numerical error 1000"?
>
> Error: uncaught exception: [Exception... "Security error" code:
> "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_SECURITY_ERR)" location:
> "file:///home/mbuckley/Desktop/invert/imagefx_invert.js Line: 12"]
I think to answer we need to know more about the call stack when this
occurs. (I'm surprised that you have a file URL here).
>
> I imagine this is happening because the image that I am trying to
> manipulate has a chrome src (chrome://pixelperfect/content/images/
> test.png) which does not match the current domain (http://
> www.somedomain.com).
>
> Is there anyway to work around this specifically for extension
> developers?
I think you can do quite a lot to the the page, so I guess you are on
the wrong track unless the code is running in the web domain and tries
to do stuff with the chrome or file URLs (That is, opposite direction).
jjb
mbuckley
wrote:
I mentioned the "same origin policy" because this is what I've found
by reading up on what causes this issue when dealing with Images..but
yes it should be called the "obscure unknown numerical error 1000" =p
> I think you can do quite a lot to the the page, so I guess you are on
> the wrong track unless the code is running in the web domain and tries
> to do stuff with the chrome or file URLs (That is, opposite direction).
Yes, this is exactly what I'm trying to do. So basically there is code
in the web domain (that I have injected there) that is trying to
manipulate an image with a src="chrome://...". And I get the error
because the img src is not on the same domain (according to FF). Not
really sure where to go from here.
M
Arivald
Just put Your "imagefx" JS files inside Your extension. They will get
rights of extension JS.
--
Arivald
John J. Barton
>> I think you can do quite a lot to the the page, so I guess you are on
>> the wrong track unless the code is running in the web domain and tries
>> to do stuff with the chrome or file URLs (That is, opposite direction).
>
> Yes, this is exactly what I'm trying to do. So basically there is code
> in the web domain (that I have injected there) that is trying to
> manipulate an image with a src="chrome://...". And I get the error
> because the img src is not on the same domain (according to FF). Not
> really sure where to go from here.
As Arivald said, don't inject code in to the page. Run your code in the
extension.
jjb