cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Jscript cross scripting with BSP's

Former Member

on ‎05-08-2006 9:52 AM

0 Kudos

Hi BSP consultants,

I have one BSP embedded in another BSP (actually done using the SEM Web Interface Builder which is a front end for building BSP's in SAP SEM).

All I want to do is access the HTML code in the embedded BSP from the parent web page (BSP), but I keep getting a 'permission denied' error.

I understand it to be linked to cross 'iframe' scripting security type error, but both BSP are on the same domain, and all my research indicates that as long as they are on the same domain then you should be able to use javascript to access the HTML code inside the iframe (child BSP).

Parent BSP url:

http://ldndsmsa64.intranet.barcapint.com:1080/sap(bD1lbiZjPTk1MCZkPW1pbiZ3PTU2MjAwMDAr)/bc/bsp/sap/z...

Child BSP url:

http://ldndsmsa64.intranet.barcapint.com:1080/sap/bc/bsp/sap/z_bps_comments/list.htm?area=ZBA00001&p...

Any pointers would be greatly appreciated.

Thanks,

Rael Bethlehem

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (4)

Answers (4)

Former Member
‎05-09-2006 9:29 AM
0 Kudos

Hi,

In your opinion, are the mentioned domains the same and therefore should allow cross scripting...?

Should I be chasing the basis guys to see if there are any system specific settings which may be influencing this...?

Any new directions to search for a solution would be welcome...

Thanks,

Rael

Show replies
Show replies
Former Member
‎05-08-2006 3:35 PM
0 Kudos

Hi Durairaj,

While I wait for my IT team to help me access the internet browser settings to set the 'trusted sites' option(browser security is greyed out for me), I thought maybe you could confirm that my javascript code I am using is correctly going to call the contents of an embedded iframe (embedded BSP)...:


function showcontentofBSP (){

//fetch all the tables and cells inside of the 'iframe'
var table = window.myFrame.document.getElementsByTagName("table");
for (i= 0; i < table.length; i++){
var tableitem = table.item(i);
var cells =tableitem.getElementsByTagName("td");
var tableid = tableitem.id;
alert(tableid);
}

Thanks,

Rael

Show replies
Show replies
athavanraja
Active Contributor
‎05-09-2006 8:22 AM
0 Kudos

check with the following simple script

<script>

function showcontentofBSP(){

alert(document.myiframeid.document.body.innerHTML);

}

</script>

place this in the main page and call it from the main page.

Regards

Raja

Former Member
‎05-09-2006 8:52 AM
0 Kudos

Hi,

Afraid it did not work and I still get the 'permission denied' error.

I am still waiting for my IT team to help set the site as "trusted".

I'll get back to you once I have made the setting and tested...

Thanks,

Rael

athavanraja
Active Contributor
‎05-09-2006 8:59 AM
0 Kudos

i have tested without setting trusted site in my system it works without problem.

anyhow try the trusted site setting and see whether it helps.

Regards

Raja

Former Member
‎05-08-2006 11:33 AM
0 Kudos

Hi Durairaj,

Thanks, but remind me how to set the 'trusted sites'...? Is it a browser setting? (most of our access is limited where I work....)

Thanks,

Rael

Show replies
Show replies
athavanraja
Active Contributor
‎05-08-2006 11:40 AM
0 Kudos

yes its browser setting.

tools->internet option->security

Regards

Raja

athavanraja
Active Contributor
‎05-08-2006 10:25 AM
0 Kudos

as long as they are in the same domain you should not get any problem. (i have been using it) may be try adding

ldndsmsa64.intranet.barcapint.com to trusted sites and see whether it helps.

Regards

Raja

Show replies
Show replies
athavanraja
Active Contributor
‎05-08-2006 10:34 AM
0 Kudos

this weblog may be of interst to you

/people/gregor.wolf3/blog/2005/11/10/cross-site-scripting-xss-in-sap-web-application-server

Regards

Raja

Ask a Question