Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

cross domain support

more options

Hi I am not able to access my method "abc" for the versions of Firefox 23 and above. But if a set the tag "security.mixed_content.block_active_content" in config of firefox to false it can be accessed.

I want this thing can be done through JavaScript or suggest some other way using JavaScript to handle this situation.

Its a cross domain WCF request.My application is a https: but my wcf service is simply http.It works fine on firefox version less than 23.

varUrl="http://localhost:8733/Design_Time_Addresses/WcfServiceLibraryForActiveX/FileUpload/abc"
        varData = { varData: "CommunicateTrayIcon", sVersion: sVersion1 };
        varDataType = "json";
       
   $.ajaxSetup({ cache: false });
        $.get(

                varUrl, // Location of the service
                varData, //Data sent to server
                function (msg, status, xhr) {//On Successfull service call

                    ServiceSucceeded1(msg);
                },
                varDataType
        //error: ServiceFailed// When Service call fails

                );

thanks and regards,
Swapnil Srivastav

Hi I am not able to access my method "abc" for the versions of Firefox 23 and above. But if a set the tag "security.mixed_content.block_active_content" in config of firefox to false it can be accessed. I want this thing can be done through JavaScript or suggest some other way using JavaScript to handle this situation. Its a cross domain WCF request.My application is a https: but my wcf service is simply http.It works fine on firefox version less than 23. <pre><nowiki>varUrl="http://localhost:8733/Design_Time_Addresses/WcfServiceLibraryForActiveX/FileUpload/abc" varData = { varData: "CommunicateTrayIcon", sVersion: sVersion1 }; varDataType = "json"; $.ajaxSetup({ cache: false }); $.get( varUrl, // Location of the service varData, //Data sent to server function (msg, status, xhr) {//On Successfull service call ServiceSucceeded1(msg); }, varDataType //error: ServiceFailed// When Service call fails );</nowiki></pre> thanks and regards,<br /> Swapnil Srivastav

Modified by cor-el

All Replies (5)

more options

hello Swapnil Srivastav , for background on the issue please refer to https://blog.mozilla.org/tanvi/2013/04/10/mixed-content-blocking-enabled-in-firefox-23/

the only solution that would come to my mind is to put both sources either onto a secure https:-connection or address them both through http:// instead...

more options

Websites cannot change this setting — for obvious reasons!

Another workaround is to proxy the service request through a page on your secure server. I don't know ASP.Net (I'm assuming from your reference to WCF), but I found an example for you: http://www.codeproject.com/Articles/667611/ASP-NET-Proxy-Page-Used-for-Cross-Domain-Requests

more options

Hi philipp,

The page recommended by you has helped me in understanding the concept but still i am struggling for an exact solution.

i have to hit the WCF web service which is HTTT from a HTTPS page.And any solution in javascript will be of great help.

Regards Swapnil

more options

Hi jscher2000,

I have gone through your solution but its something for server side.I need something which can make WCF request across domains through JavaScript.


This is how i am calling the WCF exposed methods varUrl="http://localhost:8733/Design_Time_Addresses/WcfServiceLibraryForActiveX/FileUpload/abc"

where "abc" is my method.

i have to hit the WCF web service which is HTTP from a HTTPS page.And any solution in javascript will be of great help.

Regards, Swapnil Srivastav

more options

As described in the article linked by philipp, the end user can make an exception to the mixed content blocking feature by clicking the shield icon in the address bar. Does that work on your Firefox.

An end user also can completely turn off that feature.

However, there's no way to build an application that bypasses that feature.