Error: uncaught exception: Permission denied to call method XMLHttpRequest.open

Error: uncaught exception: Permission denied to call method XMLHttpRequest.open is basically a security feature. you get this error when a cross-domain call is made from your AJAX script, e.g. fetching another page or data from a remote location or from another domain other than the one where your script is sitting on.

this is supposedly an infamous error on Mozilla Firefox browsers only. but i think the same error (the logic anyway) would apply to Internet Explorer as well. you just don’t see it. the XMLHttpRequest object was introduced by Microsoft after all.

now i’ve been making a web application lately and unfortunately encountered this error. i first tested the app on plain http. works fine out of the box. but then this has to sit on secure http (https). oops! pages being called through the script ain’t showing. a quick check on the apache logs didn’t give me much info. after scouring through the script (both PHP and AJAX) for odds and bits, i didn’t find anything that was out of place. but then thank God for the Firefox Error Console! this is where i first saw the error.

the funny thing is that i’m not doing any cross-domain calls with this script. it’s only supposed to load pages from the same place/domain where it is currently residing. (or is it considered a cross-domain call already when you specify a full URL path for the script to load?)

i needed a quick fix on this error. so to make a long story short, a quick post on one Linux forums + Google pointed me to an informative site about this error. in not time i was able to make it work on secure http. the added help gave me hints. plus a quick rewrite of the original AJAX script i was using. but the fix i discovered myself, and i’m sure a lot of pips have already realized this before me as well (but i’m blogging it anyway).

when telling the script which page/file to load i was using a full URL path, like this:

url = “http://”+path+”/dir/”+pagename+”.php”

where +path+ is not a directory path but the server IP or name.

so instead of passing the full URL path to the AJAX script, i instead found out that just giving it the pagename or the script’s filename won’t throw an error.

so now i have this:

url = pagename+”.php”

hurray!

also add this at the top of the script or before you have it do anything, it might help:

try {
   netscape.security.PrivilegeManager.enablePrivilege(“UniversalBrowserRead”);
} catch (e) {
   //something to do here
}

Similar Posts:

• > Trailing Slash In WordPress Permalink Causes 404 Error In IE September 21, 2009
• > Fix ./gradlew Permission Denied On OpenShift Deploy August 15, 2020
• > “PROGRAM_NAME” Is Not Recognized As An Internal Or External Command, Operable Program Or Batch File December 20, 2013
• > that annoying Recovery window in OOo September 3, 2007
• > Notes On Nagios Configurations October 15, 2013

Error: uncaught exception: Permission denied to call method XMLHttpRequest.open is basically a security feature. you get this error when a cross-domain call is made from your AJAX script, e.g. fetching another page or data from a remote location or from another domain other than the one where your script is sitting on. this is supposedly…