Tim Anderson's ITWriting

July 15, 2005

Simple Ajax - and a script tip

I've posted a very simple Ajax example using .NET; no clever libraries, just a few lines of code. You can download the code from the link on this page.

I was testing this example just before posting the link and was concerned to find that it didn't work. When the Javascript called:

xmlhttp.open("GET",url,true);

I got "permission denied". Yet I was sure this used to work. Then I figured it out. Like many web servers, the one I am using is set up so you can optionally use a "www" prefix. Fine - except that if you navigate to a page using the www prefix, and then the script calls out to another page on the site without the prefix (or vice versa), then the browser thinks it is a different domain, and different security rules apply.

I recently encountered a similar problem with PHP sessions. The page called another PHP page which set up a session variable. The session variable was getting intermittently lost. It turned out that I had to amend the script so that it detects whether the www prefix is being used, and modifies the url accordingly. Relative links also work, but in my case I wanted to share the code between pages in different directories.

So here's the tip - if you have pages that can be accessed either from http://somedomain... or http://www.somedomain..., then either use relative links or detect the request url and modify the full links accordingly.