Login/Register
Uncaught Error: SECURITY_ERR: DOM Exception 18 when I try to set a cookie
Asked Answered
Solved javascriptjqueryhtmldomexception
B

9

122

I get the following error in Chrome's developer tools window when I try to set a cookie using this jQuery plugin:

Uncaught Error: SECURITY_ERR: DOM Exception 18

What does this error mean and how can I fix it? I get the same error when I use this jQuery plugin.

Boon answered 24/4, 2010 at 15:12 Comment(1)
If your problem is related with canvas. This is the answer #2390732Shifra
R
152

You're most likely using this on a local file over the file:// URI scheme, which cannot have cookies set. Put it on a local server so you can use http://localhost.

Roofdeck answered 24/4, 2010 at 15:43 Comment(9)
Wow, I'm surprised that you were able to figure out what this error message means. Talk about vague errors... Thanks man.Boon
Also happened for me using getImageData() on a canvas when loaded from file://.Dupondius
Good call, also happens when calling getImageData() for an image loaded from another host. Moving the file to the same domain/protocol/etc. fixes it.Instalment
@Dupondius Thanks - I was having exactly this problem.Creolacreole
it will also hit if you try to replace the url in the history with a different domain. Seems to be a very generic "you did something the security manager didn't like" error.Jake
Pro tip: if you have Python installed, simply type python -m SimpleHTTPServer in the root directory of your site, and find it hosted at localhost:8000.Hammy
For Python 3, to get the same effect you need to do python -m http.server 8000Dimple
If you are a iOS developer, You might be interested to know that I also experienced this issue while trying to use localStorage after loading the HTML directly into the UIWebView control. #11371941Gord
I get the issue on accessing a file on a different domain!Aylmar
H
18

I also had this issue while developping on HTML5 in local. I had issues with images and getImageData function. Finally, I discovered one can launch chrome with the --allow-file-access-from-file command switch, that get rid of this protection security. The only thing is that it makes your browser less safe, and you can't have one chrome instance with the flag on and another without the flag.

Hollingsworth answered 12/3, 2011 at 15:46 Comment(1)
When you use --allow-file-access-from-files (notice it's now plural) you have to remember that the switch only takes effect if there aren't any other instances of Chrome already running.Moorings
S
11

You can also "fix" this by replacing the image with its inline Base64 representation: 

img.src= "data:image/gif;base64,R0lGODlhCwALAIAAAAAA3pn/ZiH5BAEAAAEALAAAAAALAAsAAAIUhA+hkcuO4lmNVindo7qyrIXiGBYAOw==";
Useful, when you do not intend to publish the page on the web, but instead use it on local machines only.

Sather answered 3/6, 2011 at 12:18 Comment(2)
Any idea how to get the base64 representation of a canvas in such a way that it doesn't throw this error?Phobe
var canvas = document.createElement("canvas"); canvas.width = 128; canvas.height = 128; var ctx = canvas.getContext('2d'); ctx.fillRect(25,25,100,100); ctx.clearRect(45,45,60,60); ctx.strokeRect(50,50,50,50); return ctx.getImageData(0, 0, 128, 128);Penland
F
10

Faced with the same situation playing with Javascript . Unfortunately Chrome doesn't allow to access javascript workers stored in a local file.

One kind of workaround below using a local storage is to running Chrome with --allow-file-access-from-files (with s at the end), but only one instance of Chrome is allowed, which is not too convenient for me. For this reason i'm using Chrome Canary, with file access allowed.

BTW in Firefox there is no such an issue.

Flare answered 18/4, 2012 at 11:21 Comment(1)
I wish I could upvote more than once. Your answer just saved me TONS of time banging my head against the screen!! Many, many thanks!!Betti
S
5

This error pops up, if you try to create a web worker with data URI scheme.

var w = new Worker('data:text/javascript;charset=utf-8,onmessage%20%3D%20function()%20%7B%20postMessage(%22pong%22)%3B%20%7D'); w.postMessage('ping');

It's not allowed according to the standard: http://www.whatwg.org/specs/web-apps/current-work/multipage/workers.html#dom-worker

Sculpturesque answered 4/10, 2011 at 21:24 Comment(0)
U
4

I had this issue when using the history API. 

window.history.pushState(null, null, URL);

Even with a local server (localhost), you want to add 'http://' to your URL so that you have something similar to: 

http://localhost...
Unleavened answered 8/5, 2013 at 4:13 Comment(0)
H
3

I wasn't completely happy by the --allow-file-access-from-files solution, because I'm using Chrome as my primary browser, and wasn't really happy with this breach I was opening.

Now I'm using Canary ( the chrome beta version ) for my development with the flag on. And the mere Chrome version for my real blogging : the two browser don't share the flag !

Hollingsworth answered 8/8, 2011 at 17:32 Comment(1)
To those of you curious, it is now --allow-file-access-from-files (with an s)Uncivil
N
2

One can also receive this error if using the new (so far webkit only) notification feature before getting permission.

First run:

<!-- Get permission -->
<button onclick="webkitNotifications.requestPermission();">Enable Notifications</button>

Later run:

// Display Notification:
window.webkitNotifications.createNotification('image', 'Title', 'Body').show();

The request permission functions needs to be triggered from an event caused by the user, otherwise it won't be displayed.

Nickell answered 8/8, 2012 at 19:18 Comment(0)
C
1

I was been getting that error in mobile safari when using ASP.NET MVC to return a FileResult with the overload that returns a file with a different file name than the original. So,

return File(returnFilePath, contentType, fileName);

would give the error in mobile safari, where as

return File(returnFilePath, contentType);

would not.

I don't even remember why I thought what I was doing was a good idea. Trying to be clever I guess.

Cleave answered 11/9, 2012 at 3:32 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.