{"id":17,"date":"2008-05-30T07:54:30","date_gmt":"2008-05-30T13:54:30","guid":{"rendered":"http:\/\/www.n8williams.com\/devblog\/?p=17"},"modified":"2008-07-02T01:08:48","modified_gmt":"2008-07-02T07:08:48","slug":"beware-the-affect-of-the","status":"publish","type":"post","link":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the","title":{"rendered":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method"},"content":{"rendered":"

The base href effect on XMLHtttpRequest.open (in IE)<\/h3>\n

Imagine that. If your base href is set to something weird, the ajax requests will get Access errors indicating “Permission Denied to call method yourXMLHttpRequestObject.open” Errors! But only in IE.<\/p>\n

In IE, with AJAX requests, your url root must match your base href. base ref=”http:\/\/www.mydomain.com should be the same as the base url in xmlHttp.open(“GET”, “http:\/\/www.mydomain.com\/MyRemoteServices\/MyRemoteOrderService.cfc?
\nmethod=getOrderInfoXML&userid=1234”, true), or you can use relative urls.<\/p>\n

Example I had:<\/p>\n

\n
\n\/\/The XMLHttpRequest is named xmlHttp here, xmlHttp = new XMLHttpRequest()
\n\/\/If the base href is set to something other than the server root, the AJAX request
\n\/\/thinks the request is coming from a different server, or something.
\n\/\/Permission denied to call XMLHttp.open with the following
\n\/\/SET IN HTML HEAD <base href="http:\/\/www.mydomain.com\/index.cfm?event=myOrder" \/>\t - NOT HTTPS!
\nxmlHttp.open("GET", "https:\/\/mydomain.com\/MyRemoteServices\/MyRemoteOrderService.cfc?
\nmethod=getOrderInfoXML&userid=1234" , true);<\/p>\n

\/\/Now when the base href is set to the server root, no problems
\n\/\/SET IN HTML HEAD <base href="https:\/\/www.mydomain.com\/"> - HTTP!
\nxmlHttp.open("GET", "https:\/\/mydomain.com\/MyRemoteServices\/MyRemoteOrderService.cfc?
\nmethod=getOrderInfoXML&userid=1234" , true);
\n<\/code>\n<\/div>\n

Issues when www isn’t mapped to your home url<\/h3>\n

Another issue that can happen with access denied errors with your AJAX request is when your www doesn’t resolve to the same url as your root. I.E. http:\/\/www.yourdomain.com isn’t the same dns entry as http:\/\/ourdomain.com, even if they both eventually go to the same server ip.<\/p>\n

Error: Happens when your session is in http:\/\/www.yourdomain.com and your AJAX request points to http:\/\/yourdomain.com (if your www subdomain doesn’t resolve to http:\/\/yourdomain.com).<\/p>\n

\n
\n\/\/I'm on a http::\/\/www.mydomain.com page, and I get an error with this line
\nxmlHttp.open("GET", "http:\/\/mydomain.com\/MyRemoteServices\/MyRemoteOrderService.cfc?
\nmethod=getOrderInfoXML&userid=1234" , true);
\n\/\/ I'm on a http::\/\/mydomain.com page, this line will work
\nxmlHttp.open("GET", "http:\/\/mydomain.com\/MyRemoteServices\/MyRemoteOrderService.cfc?
\nmethod=getOrderInfoXML&userid=1234" , true);
\n<\/code>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The base href effect on XMLHtttpRequest.open (in IE) Imagine that. If your base href is set to something weird, the ajax requests will get Access errors indicating “Permission Denied to call method yourXMLHttpRequestObject.open” Errors! But only in IE. In IE, with AJAX requests, your url root must match your base href. base ref=”http:\/\/www.mydomain.com should be … Continue reading “Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"yoast_head":"\nBeware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages\" \/>\n<meta property=\"og:description\" content=\"The base href effect on XMLHtttpRequest.open (in IE) Imagine that. If your base href is set to something weird, the ajax requests will get Access errors indicating “Permission Denied to call method yourXMLHttpRequestObject.open” Errors! But only in IE. In IE, with AJAX requests, your url root must match your base href. base ref=”http:\/\/www.mydomain.com should be … Continue reading "Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method"\" \/>\n<meta property=\"og:url\" content=\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\" \/>\n<meta property=\"og:site_name\" content=\"The Dev Pages\" \/>\n<meta property=\"article:published_time\" content=\"2008-05-30T13:54:30+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2008-07-02T07:08:48+00:00\" \/>\n<meta name=\"author\" content=\"Nate Admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@admin\" \/>\n<meta name=\"twitter:site\" content=\"@admin\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Nate Admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#article\",\"isPartOf\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\"},\"author\":{\"name\":\"Nate Admin\",\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757\"},\"headline\":\"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method\",\"datePublished\":\"2008-05-30T13:54:30+00:00\",\"dateModified\":\"2008-07-02T07:08:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\"},\"wordCount\":201,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757\"},\"articleSection\":[\"Javascript and AJAX\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\",\"url\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\",\"name\":\"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages\",\"isPartOf\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/#website\"},\"datePublished\":\"2008-05-30T13:54:30+00:00\",\"dateModified\":\"2008-07-02T07:08:48+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/n8williams.com\/devblog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/n8williams.com\/devblog\/#website\",\"url\":\"https:\/\/n8williams.com\/devblog\/\",\"name\":\"The Dev Pages\",\"description\":\"A knowledge base for web applications development (and beyond)\",\"publisher\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/n8williams.com\/devblog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757\",\"name\":\"Nate Admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/19d7bc7602072ac846e912622704a628?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/19d7bc7602072ac846e912622704a628?s=96&d=mm&r=g\",\"caption\":\"Nate Admin\"},\"logo\":{\"@id\":\"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/n8williams.com\",\"https:\/\/twitter.com\/admin\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the","og_locale":"en_US","og_type":"article","og_title":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages","og_description":"The base href effect on XMLHtttpRequest.open (in IE) Imagine that. If your base href is set to something weird, the ajax requests will get Access errors indicating “Permission Denied to call method yourXMLHttpRequestObject.open” Errors! But only in IE. In IE, with AJAX requests, your url root must match your base href. base ref=”http:\/\/www.mydomain.com should be … Continue reading \"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method\"","og_url":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the","og_site_name":"The Dev Pages","article_published_time":"2008-05-30T13:54:30+00:00","article_modified_time":"2008-07-02T07:08:48+00:00","author":"Nate Admin","twitter_card":"summary_large_image","twitter_creator":"@admin","twitter_site":"@admin","twitter_misc":{"Written by":"Nate Admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#article","isPartOf":{"@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the"},"author":{"name":"Nate Admin","@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757"},"headline":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method","datePublished":"2008-05-30T13:54:30+00:00","dateModified":"2008-07-02T07:08:48+00:00","mainEntityOfPage":{"@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the"},"wordCount":201,"commentCount":0,"publisher":{"@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757"},"articleSection":["Javascript and AJAX"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#respond"]}]},{"@type":"WebPage","@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the","url":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the","name":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method - The Dev Pages","isPartOf":{"@id":"https:\/\/n8williams.com\/devblog\/#website"},"datePublished":"2008-05-30T13:54:30+00:00","dateModified":"2008-07-02T07:08:48+00:00","breadcrumb":{"@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/n8williams.com\/devblog\/javascript_and_ajax\/beware-the-affect-of-the#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/n8williams.com\/devblog\/"},{"@type":"ListItem","position":2,"name":"Beware the affect of the base href= on AJAX requests, and IE. Permission denied to call XMLHttpRequest open method"}]},{"@type":"WebSite","@id":"https:\/\/n8williams.com\/devblog\/#website","url":"https:\/\/n8williams.com\/devblog\/","name":"The Dev Pages","description":"A knowledge base for web applications development (and beyond)","publisher":{"@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/n8williams.com\/devblog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/1c31624786b5382f1a811f0a01985757","name":"Nate Admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/19d7bc7602072ac846e912622704a628?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/19d7bc7602072ac846e912622704a628?s=96&d=mm&r=g","caption":"Nate Admin"},"logo":{"@id":"https:\/\/n8williams.com\/devblog\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/n8williams.com","https:\/\/twitter.com\/admin"]}]}},"_links":{"self":[{"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/posts\/17"}],"collection":[{"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/comments?post=17"}],"version-history":[{"count":0,"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/posts\/17\/revisions"}],"wp:attachment":[{"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/media?parent=17"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/categories?post=17"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/n8williams.com\/devblog\/wp-json\/wp\/v2\/tags?post=17"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}