javascript access is denied on window resize of url from different domain

Question

I have a custom function that will open a window to the center of the screen from a different url. On my current case I am opening a url outside my domain. This is my function.

function wopen(url, name, w, h) {
    w += 32;
    h += 96;
    wleft = (screen.width - w) / 2;
    wtop = (screen.height - h) / 2;
    if (wleft < 0) {
        w = screen.width;
        wleft = 0;
    }
    if (wtop < 0) {
        h = screen.height;
        wtop = 0;
    }
    var win = window.open(url,
                name,
                'width=' + w + ', height=' + h + ', ' +
                'left=' + wleft + ', top=' + wtop + ', ' +
                'location=no, menubar=no, scrollbars=yes');
    // +
    //'status=no, toolbar=no, scrollbars=no, resizable=yes');
    win.resizeTo(w, h);
    win.moveTo(wleft, wtop);
    win.focus();
}

This works perfectly on IE6, and FF but not on IE7

Answer 1

The issue is that you are attempting to open a window with a separate domain, which in IE7 and higher is considered a security issue. Essentially, when you open that new window, it creates a new process and leaves your process separate, so you can no longer manipulate that other window.

http://social.msdn.microsoft.com/Forums/en/iewebdevelopment/thread/e9cebb92-f943-4a79-b29b-7376039ea6a0

http://msdn.microsoft.com/en-us/library/Bb250462.aspx

So, once you open that new window with a domain different from your own, you lose control of it. I don't see a way to change this without adjusting the end-users computer.

EDIT

Hmm, apparently you can get around this by opening a window that you do have control of, then changing the window.location.href to your url. Try this:

function wopen(url, name, w, h) {
    w += 32;
    h += 96;
    wleft = (screen.width - w) / 2;
    wtop = (screen.height - h) / 2;
    if (wleft < 0) {
        w = screen.width;
        wleft = 0;
    }
    if (wtop < 0) {
        h = screen.height;
        wtop = 0;
    }
    var win = window.open('about:blank', // <- Note about:blank
                name,
                'width=' + w + ', height=' + h + ', ' +
                'left=' + wleft + ', top=' + wtop + ', ' +
                'location=no, menubar=no, scrollbars=yes');
    // +
    //'status=no, toolbar=no, scrollbars=no, resizable=yes');
    win.location.href = url;
    win.resizeTo(800, 150);
    win.moveTo(wleft, wtop);
    win.focus();
}
wopen('http://www.yahoo.com/', 'yahoo', 250, 250);

I don't know if this is a hack or not; I'm surprised it's that easy to get around, at least for changing window resize and whatnot. But, it works (at least on IE8).

Answer 2

there are many security things that a browser and os checks for any window.

for this case, i am not sure but try this also. if your mouse button is clicked and hold on at the time of resizing browser window through your js code then you will get access denied error.

reason is OS denied such activities when real physical users is ready for mouse drag event.

see below url http://prcoldfusion.blogspot.com/2012/06/access-denied-javascript-error-internet.html