Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Granit.js access denied.

Avatar

Level 1

Hi!
We encountered a problem with recaptcha (google captcha).
In IE11 granit.js handles iframe and we get "Access denied" when granit trys to read contentWindow property.

There is no such errors in other browsers.  

 How to fix this problem?

if (window.Node) {
        var ac = Node.prototype.appendChild;

        Node.prototype.appendChild = function() {
            var result = ac.apply(this, arguments);

            if (result.nodeName === 'IFRAME') {
                if (result.contentWindow && !result._csrf) {
                    result._csrf = true;
                    handleForm(result.contentWindow.document);
                }
            }

            return result;
        };
    }

Thanks.

1 Accepted Solution

Avatar

Correct answer by
Level 9

Yeah. Other browsers are smart enough to handle the request.And, IE has not learned the lesson till now. Anyway, Here is one solution, you can try it.

http://stackoverflow.com/questions/26910691/jquery-ajax-request-ie11-access-is-denied

--

Jitendra

View solution in original post

10 Replies

Avatar

Level 9

There is a good chance that this issue occurs because of cross domain calls. Are you making any cross domain calls?.

--

Jitendra

Avatar

Correct answer by
Level 9

Yeah. Other browsers are smart enough to handle the request.And, IE has not learned the lesson till now. Anyway, Here is one solution, you can try it.

http://stackoverflow.com/questions/26910691/jquery-ajax-request-ie11-access-is-denied

--

Jitendra

Avatar

Level 1

Proposed solution doesn't work for google captcha specifically, because we need result returned from API call, which fails.

Avatar

Level 9

If you are expecting result in json, use JSONP which is designed to solve cross domain issue. For more details..

http://jquery-howto.blogspot.in/2013/09/jquery-cross-domain-ajax-request.html

if issue still not solve, kindly provide how are you making call & what do you expect in result?.

---Jitendra

Avatar

Level 1

Cross-origin issue is not in network call, but in JavaScript call.

We're using JSONP.
Returning callback calls google recaptcha API, which inserts an iframe by calling native API method: appendChild.

Since granite.js messes with native appendChild, code in original question is called here.

IE11 tries to execute the statement: result.contentWindow.document
And fails because it is not allowed to access anything within window of an iframe from another domain (google.com).

BTW on top of that we have the same issue in OSX and iOS.

Avatar

Level 3

This was marked as solved, but the proposed solutions did not work for google recaptcha.

We are facing the same issue as kirilloid.

How can I reopen this issue?

Avatar

Administrator

murilod74686477 wrote...

This was marked as solved, but the proposed solutions did not work for google recaptcha.

We are facing the same issue as kirilloid.

How can I reopen this issue?

 

I would request you to create a new question. Mixing of two threads would basically not a best practice. 

Creating a new question would be better approach to archive answers as well.

~kautuk



Kautuk Sahni

Avatar

Level 1

We just overriden this method again the same way and made it do not check any token if frame is loaded from external URL.
This solution should work with any external service, not only with Google ReCaptcha

Avatar

Level 1

Hey @murilod74686477
I am facing the same issue. Can you post the link to the new question (if you have opened one)

Avatar

Level 2

AEM 6.1 SP2 resolve the issue by updating 

/etc/clientlibs/granite/jquery/granite/csrf/source/csrf.js

 

 

Thanks

 

Adolfo