最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

https - Opera won't load some JavaScript files - Stack Overflow

programmeradmin3浏览0评论

I have a web page that loads in an IFRAME, that runs correctly in IE and Firefox but not in Opera. Which I hate, because I've been an Opera user for years. And I wrote this thing. :-)

The problem is that Opera is not loading some of the JavaScript files that prise the page. I suspect that it is related to the fact that the page itself is loaded via HTTPS and the included files via HTTP from a different host and port. I believe Opera allows that, but Dragonfly's Net tab doesn't even show an attempt to load them.

The page is a Rally "custom app", and I can't control the fact that it is loaded in an IFRAME or that it loads via HTTPS. I also can't control the fact that the included files are loaded from a different host, or that the host only supports HTTP. So I'm sorta stuck with mixed content.

Among other stuff, the page's HEAD element contains (sanitized a bit):

<script src=":81/mon/jquery-1.4.2.js"></script>
<script src=":81/mon/jsTree/jquery.jstree.js"></script>
<script src=":81/mon/utils_jserror.js"></script>
<script src=":81/mon/utils_logging.js"></script>
<script src=":81/mon/utils_print_r.js"></script>
<script src=":81/mon/utils_rally_query.js"></script>
<script src=":81/mon/json2.js"></script>
<script src="/slm/js/slm.js"></script>
<script src="/slm/js-lib/dojo/rally-1.3.1/dojo/dojo.js.unpressed.js"></script>
<script src="/slm/mashup/1.18/js/batch-toolkit.js"></script>
<script src="/slm/mashup/1.18/js/utilities.js"></script>

ALL of the "/slm/..." stuff is getting loaded, and NONE of the "www.example..." stuff is.

Anybody got an idea what I'm doing wrong?

I have a web page that loads in an IFRAME, that runs correctly in IE and Firefox but not in Opera. Which I hate, because I've been an Opera user for years. And I wrote this thing. :-)

The problem is that Opera is not loading some of the JavaScript files that prise the page. I suspect that it is related to the fact that the page itself is loaded via HTTPS and the included files via HTTP from a different host and port. I believe Opera allows that, but Dragonfly's Net tab doesn't even show an attempt to load them.

The page is a Rally "custom app", and I can't control the fact that it is loaded in an IFRAME or that it loads via HTTPS. I also can't control the fact that the included files are loaded from a different host, or that the host only supports HTTP. So I'm sorta stuck with mixed content.

Among other stuff, the page's HEAD element contains (sanitized a bit):

<script src="http://www.example.:81/mon/jquery-1.4.2.js"></script>
<script src="http://www.example.:81/mon/jsTree/jquery.jstree.js"></script>
<script src="http://www.example.:81/mon/utils_jserror.js"></script>
<script src="http://www.example.:81/mon/utils_logging.js"></script>
<script src="http://www.example.:81/mon/utils_print_r.js"></script>
<script src="http://www.example.:81/mon/utils_rally_query.js"></script>
<script src="http://www.example.:81/mon/json2.js"></script>
<script src="/slm/js/slm.js"></script>
<script src="/slm/js-lib/dojo/rally-1.3.1/dojo/dojo.js.unpressed.js"></script>
<script src="/slm/mashup/1.18/js/batch-toolkit.js"></script>
<script src="/slm/mashup/1.18/js/utilities.js"></script>

ALL of the "/slm/..." stuff is getting loaded, and NONE of the "www.example..." stuff is.

Anybody got an idea what I'm doing wrong?

Share Improve this question asked Mar 28, 2011 at 20:17 Ross PattersonRoss Patterson 9,56935 silver badges50 bronze badges 7
  • Are the scripts loaded from http from a regular server on the internet, or is this server on an intranet or local host? – hallvors Commented Mar 29, 2011 at 20:03
  • 1 did you try to start your addresses with // without mentioning the protocol. ex: src="//www.example. – karlcow Commented Mar 30, 2011 at 1:33
  • @hallvors: The "example." scripts are from a Windows server on the local intranet, and are not accessible from the public Internet. But they are accessible from the machine where the browser is running - if I cut & paste them into the address bar, the JavaScript source files are readable in the browser. – Ross Patterson Commented Apr 1, 2011 at 16:49
  • @karlcow: I never considered that. But I expect it will make the browser assume "https:", and the server in question will only do "http:". But it's worth a shot, thanks! – Ross Patterson Commented Apr 1, 2011 at 16:56
  • Comment by stk: "@Ross: Did you find a solution to this problem in the meantime? I incidentally have exactly the same problem, i.e. I also need this for a Rally app." – Daniel Hilgarth Commented Sep 15, 2011 at 15:17
 |  Show 2 more ments

1 Answer 1

Reset to default 14

Opera has a feature called cross-network protection. Basically it places some extra limitations on what pages from the internet can do with stuff on your local network.

The reason this feature exists, is the emergence of the so called "phish farm" exploits, where it was discovered that the HTTP-based config screens of some popular home routers / modems were so poorly secured that malicious web pages could rewrite your router settings - for example to configure it to use a proxy and pipe all your traffic through a malicious server. To counter this, Opera knows that some IP addresses are not used on the public web (such as 127.0.0.1 or 192.168.*) and it doesn't allow pages from a "public" site to load files or send requests to a "local" site.

You can reconfigure this on a per-site basis. The easiest thing is probably adding an IFRAME on the "public" site loading one of the resources from the local server. The IFRAME will show a "cross-domain request" warning page with some opt-in links. Click the link for always allowing local requests from that server, and voila - your cross-network app should now work again.

(Adding an IFRAME is as easy as viewing source, adding <iframe src="http://local/whatever/included/file.js"></iframe>, saving, and "Tools > Advanced > Reload from cache" )

发布评论

评论列表(0)

  1. 暂无评论