XMLHTTP + ActiveX + Javascript + security Issues

[fmrock]

Hey everyone, I am hoping you all may be able to help out with an issue we are having.

We have a script that was created by a programmer who is no longer with the company.

The JS is in a .htm page on a websphere server.

And they used this example.

http://www.w3schools.com/dom/dom_http.asp

however, on a few of our end users using IE, this will not work. I am guessing it is a security setting or something to do with the version the user has of XMLHTTP.

Do you know of any security settings that would stop this script from working on an end users computer, or a way to check the version of XMLHTTP?

Any help would be great.

 

[harmmeijer]

You need to know if the exception occurs when creating the xmlhttprequest object or when trying to connect. Cross site scripting might not be allowed and then the exception occures when trying to connect (open method).

http://msdn2.microsoft.com/en-us/library/ms537505.aspx

look for "Security: Cross-Domain and Zone Policy"

It might be that the object cannot be created at all (active x).
Put the statements where the object is created and tries to connect in a try and catch and see what the exception is.

var xmlhttp=null;
try{
xmlhttp=new XMLHttpRequest()
}catch(e){
alert(e.description);
}

try{
xmlhttp.open(....
}catch(ex){
alert(ex.description);
}


Greetings, Harm Meijer