[Tizen Application-dev] SECURITY_ERR: DOM Exception 18

Denis Sapon sapondenis at gmail.com
Thu Feb 16 12:20:19 GMT 2012


Hi Ryan,

As I understand implementation of webstorage, it work on client side.
I cannot post code form my project, but i tried sample todo from
http://www.html5rocks.com/en/tutorials/webdatabase/todo/ and get same
exception "SECURITY_ERR: DOM exception 18".
I just add try catch block for open function, see code below:

<!DOCTYPE html>
<html>
  <head>
    <style>
      body {
        color: #222;
        font: 14px Arial;
      }
      body a {
        color: #3D5C9D;
        text-decoration: none;
      }
    </style>
    <script>
      var html5rocks = {};
      html5rocks.webdb = {};
      html5rocks.webdb.db = null;

      html5rocks.webdb.open = function() {
        var dbSize = 5 * 1024 * 1024; // 5MB
        try {
	        html5rocks.webdb.db = window.openDatabase("Todo", "1.0",
"Todo manager", dbSize);
        } catch(e) {
        	alert(e.message) // here I get exception with "SECURITY_ERR:
DOM exception 18" message
        }
      }

      html5rocks.webdb.createTable = function() {
        var db = html5rocks.webdb.db;
        db.transaction(function(tx) {
          tx.executeSql("CREATE TABLE IF NOT EXISTS todo(ID INTEGER
PRIMARY KEY ASC, todo TEXT, added_on DATETIME)", []);
        });
      }

      html5rocks.webdb.addTodo = function(todoText) {
        var db = html5rocks.webdb.db;
        db.transaction(function(tx){
          var addedOn = new Date();
          tx.executeSql("INSERT INTO todo(todo, added_on) VALUES (?,?)",
              [todoText, addedOn],
              html5rocks.webdb.onSuccess,
              html5rocks.webdb.onError);
         });
      }

      html5rocks.webdb.onError = function(tx, e) {
        alert("There has been an error: " + e.message);
      }

      html5rocks.webdb.onSuccess = function(tx, r) {
        html5rocks.webdb.getAllTodoItems(loadTodoItems);
      }

      html5rocks.webdb.getAllTodoItems = function(renderFunc) {
        var db = html5rocks.webdb.db;
        db.transaction(function(tx) {
          tx.executeSql("SELECT * FROM todo", [], renderFunc,
              html5rocks.webdb.onError);
        });
      }

      html5rocks.webdb.deleteTodo = function(id) {
        var db = html5rocks.webdb.db;
        db.transaction(function(tx){
          tx.executeSql("DELETE FROM todo WHERE ID=?", [id],
              html5rocks.webdb.onSuccess,
              html5rocks.webdb.onError);
          });
      }

      function loadTodoItems(tx, rs) {
        var rowOutput = "";
        var todoItems = document.getElementById("todoItems");
        for (var i=0; i < rs.rows.length; i++) {
          rowOutput += renderTodo(rs.rows.item(i));
        }
        todoItems.innerHTML = rowOutput;
      }

      function renderTodo(row) {
        return "<li>" + row.todo  + " [<a href='javascript:void(0);'
onclick='html5rocks.webdb.deleteTodo(" + row.ID
+");'>Delete</a>]</li>";
      }

      function init() {
        html5rocks.webdb.open();
        html5rocks.webdb.createTable();
        html5rocks.webdb.getAllTodoItems(loadTodoItems);
      }

      function addTodo() {
        var todo = document.getElementById("todo");
        html5rocks.webdb.addTodo(todo.value);
        todo.value = "";
      }
    </script>
  </head>
  <body onload="init();">
    <ul id="todoItems">
    </ul>
    <form type="post" onsubmit="addTodo(); return false;">
      <input type="text" id="todo" name="todo" placeholder="What do
you need to do?" style="width: 200px;" />
      <input type="submit" value="Add Todo Item"/>
    </form>
  </body>
</html>



2012/2/16 Ryan Ware <ware at linux.intel.com>:
>
>
>> -----Original Message-----
>> From: application-dev-bounces at lists.tizen.org [mailto:application-dev-
>> bounces at lists.tizen.org] On Behalf Of Denis Sapon
>> Sent: Tuesday, February 14, 2012 12:44 PM
>> To: Schaufler, Casey
>> Cc: application-dev at lists.tizen.org
>> Subject: Re: [Tizen Application-dev] SECURITY_ERR: DOM Exception 18
>>
>> Thank you for your reply. But there remains another question. Why do I
>> get same-origin policy exception when work with WebSQL, in particular
>> when I second time call openDatabase function or try SQL transaction
>
> My guess would be that you're doing something that inadvertently changes
> either protocol, hostname or port.  However, that's just a guess since I
> can't see your code.
>
> Ryan
>
>> 2012/2/14 Schaufler, Casey <casey.schaufler at intel.com>:
>> >> -----Original Message-----
>> >> From: application-dev-bounces at lists.tizen.org [mailto:application-dev-
>> >> bounces at lists.tizen.org] On Behalf Of Denis Sapon
>> >> Sent: Tuesday, February 14, 2012 3:52 AM
>> >> To: application-dev at lists.tizen.org
>> >> Subject: [Tizen Application-dev] SECURITY_ERR: DOM Exception 18
>> >>
>> >> Hi,
>> >>
>> >> I have a project written in html and javascript. I tried to use it
>> >> with Tizen SDK and it work with Tizen IDE html preview, but not work
>> >> with emulator. I got exception with message "SECURITY_ERROR: DOM
>> >> Exception 18" when send ajax request or when try open database.
>> >>
>> >> The first part of the problem partially solved when I added access tag
>> >> into config.xml. But this approach does not suit me, because I have to
>> >> explicitly specify origin. Is there a way to dynamically specify
>> >> origin from code?(not from config.xml)
>> >
>> > No. Absolutely not.
>> >
>> > Imagine a good application that gets compromised by an evil
>> > hacker. The compromised application might try to send private
>> > information somewhere that the evil hacker could access it.
>> > If the compromised application gets a security denial today
>> > the private information is safe. If the application could
>> > simply turn around and tell the system that it should have
>> > the denied access just because it wants it now the ill gotten
>> > information can flow freely into the evil hacker's hands and
>> > there is nothing that a good programmer can do to stop it.
>> >
>> > Remember that what is convenient for the good programmer is
>> > often enabling for the evil programmer.
>> >
>> >> The second part of the problem, I do not understand and would
>> >> appreciate any hint
>> >>
>> >>
>> >> --
>> >> --Thanks,
>> >> Denis
>> >> _______________________________________________
>> >> Application-dev mailing list
>> >> Application-dev at lists.tizen.org
>> >> https://lists.tizen.org/listinfo/application-dev
>>
>>
>>
>> --
>> --Thanks,
>> Denis
>> _______________________________________________
>> Application-dev mailing list
>> Application-dev at lists.tizen.org
>> https://lists.tizen.org/listinfo/application-dev
>
> _______________________________________________
> Application-dev mailing list
> Application-dev at lists.tizen.org
> https://lists.tizen.org/listinfo/application-dev



-- 
--Thanks,
Denis


More information about the Application-dev mailing list