1

I am trying to do a form submit, which uploads a file that I read from and then I attempt to send back the data read from the file through the callback. However, I receive the error

"{success:false,message:"Blocked a frame with origin "http://localhost:####" from accessing a cross-   origin frame."}"

Hence my callback is never achieved and the data never makes it back to the success callback of the form submit.

I am not entirely sure what that error message means.. and I do not know where to go from here. Any help would be appreciated.

Alpenglow
  • 173
  • 1
  • 17
  • That's most probably the [Same origin policy](http://en.wikipedia.org/wiki/Same-origin_policy) kicking in. Try loading your Ext JS app from the same server as where the Ext.Direct data is submitted. – Alex Tokarev Sep 08 '14 at 21:50

1 Answers1

1

you can follow any of the below steps.

1.Either install your sencha app in the same server as your back end.

2.Use below flag in your browser, but don't do it for production (only for development purpose)

--disable-web-security --allow-file-access-from-files --allow-file-access

3. Use JSONP to access resource outside origin.
dReAmEr
  • 6,986
  • 7
  • 36
  • 63
  • I'm not familiar with how to use #2. How is this done? Thanks. – Alpenglow Sep 10 '14 at 17:23
  • 1
    1.Close your Chrome browser all instances. 2.Right click on chrome launcher icon,go to properties at last,then append these flags in the target section like below i have done. "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-file-access-from-files --allow-file-access --disable-web-security 3.Now you can start your browser again,you will see a warning message just below the search bar of browser,this shows flag has been set. – dReAmEr Sep 10 '14 at 17:30
  • Worked for me. However, I see that warning message, but it says "You are using an unsupported command-line flag: --disable-web-security. Stability and security will suffer." Is that to be expected? – Alpenglow Sep 10 '14 at 18:01
  • 1
    Yes,it is expected,because by default latest browser does not support cross origin request.,Which is why i already mentioned not to use it in production environment.Just use it for development purpose. For more info :- http://en.wikipedia.org/wiki/Cross-origin_resource_sharing – dReAmEr Sep 11 '14 at 04:17