Safely avoiding the "access denied" dialog [How to: Work around the access denied cross-domain IFRAME issue in the AJAX Control Toolkit]
Bertrand recently blogged "How to work around the access denied cross-domain frame issue in ASP.NET Ajax 1.0". Unfortunately, a similar issue exists in the AJAX Control Toolkit - with a similar workaround that's detailed in this post.
Background: The AJAX Control Toolkit attempts to use as much of the ASP.NET AJAX infrastructure as possible in order to keep things simple and benefit from the established architecture of ASP.NET AJAX. However, the ASP.NET AJAX 1.0 implementation of Sys.UI.getLocation was not accurate for IFRAME content with certain page layouts in IE6 - one of which was used by the Toolkit test harness. We couldn't have our automated tests failing - and the ASP.NET AJAX team wasn't able to include a fix in their 1.0 release - so we needed to address this somehow. Since we had developed our own getLocation implementation that was accurate in IE6, we decided to route all Toolkit calls to getLocation through our own wrapper function - which used our improved implementation for IE6 and called through to the ASP.NET AJAX implementation for everything else. This works pretty well - except that our version suffers from the same cross-domain permissions issue that the ASP.NET AJAX version suffers from (please refer to Bertrand's post for more details).
Fix: We've just checked in a fix to the Toolkit's Development branch to add the same try/catch wrapper that Bertrand suggests; this fix will be included with the next Toolkit release (in about a month). In the meantime, people who want the fix sooner are encouraged to apply the changes themselves. To do so, open AjaxControlToolkit.sln in Visual Studio, open the file AjaxControlToolkit\Common\Common.js, find the getLocation function, add the yellow, italic block below, and build the project to get a new AjaxControlToolkit.dll with the fix. The complete function definition with the fix applied is included here to make this as easy as possible:
getLocation :
function(element) {
/// <summary>Gets the coordinates of a DOM element.</summary>
/// <param name="element" domElement="true"/>
/// <returns type="Sys.UI.Point">
/// A Point object with two fields, x and y, which contain the pixel coordinates of the element.
/// </returns>
// workaround for an issue in getLocation where it will compute the location of the document element.
// this will return an offset if scrolled.
//
if (element === document.documentElement) {
return new Sys.UI.Point(0,0);
}
// Workaround for IE6 bug in getLocation (also required patching getBounds - remove that fix when this is removed)
if (Sys.Browser.agent == Sys.Browser.InternetExplorer && Sys.Browser.version < 7) {
if (element.window === element || element.nodeType === 9 || !element.getClientRects || !element.getBoundingClientRect) return new Sys.UI.Point(0,0);
// Get the first bounding rectangle in screen coordinates
var screenRects = element.getClientRects();
if (!screenRects || !screenRects.length) {
return new Sys.UI.Point(0,0);
}
var first = screenRects[0];
// Delta between client coords and screen coords
var dLeft = 0;
var dTop = 0;
var inFrame = false;
try {
inFrame = element.ownerDocument.parentWindow.frameElement;
} catch(ex) {
// If accessing the frameElement fails, a frame is probably in a different
// domain than its parent - and we still want to do the calculation below
inFrame = true;
}
// If we're in a frame, get client coordinates too so we can compute the delta
if (inFrame) {
// Get the bounding rectangle in client coords
var clientRect = element.getBoundingClientRect();
if (!clientRect) {
return new Sys.UI.Point(0,0);
}
// Find the minima in screen coords
var minLeft = first.left;
var minTop = first.top;
for (var i = 1; i < screenRects.length; i++) {
var r = screenRects[i];
if (r.left < minLeft) {
minLeft = r.left;
}
if (r.top < minTop) {
minTop = r.top;
}
}
// Compute the delta between screen and client coords
dLeft = minLeft - clientRect.left;
dTop = minTop - clientRect.top;
}
// Subtract 2px, the border of the viewport (It can be changed in IE6 by applying a border style to the HTML element,
// but this is not supported by ASP.NET AJAX, and it cannot be changed in IE7.), and also subtract the delta between
// screen coords and client coords
var ownerDocument = element.document.documentElement;
return new Sys.UI.Point(first.left - 2 - dLeft + ownerDocument.scrollLeft, first.top - 2 - dTop + ownerDocument.scrollTop);
}
return Sys.UI.DomElement.getLocation(element);
},
Sorry for the trouble - we hope this patch helps any people who might be running into this issue!
Updated at 6pm: Modified the getLocation implementation to return the correct value in all cases.
