Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m getting this error in Firefox’s Console: SecurityError: The operation is insecure and the guilty is HTML5 feature: window.history.pushState() when I try to load something with AJAX. It is supposed to load some data but Javascript stops executing on error.
I’m wondering why this may be happening. Is this some server misconfiguration? Any help would be appreciated.
UPDATE: Yes, it was a server error with domain name not matching: http://en.wikipedia.org/wiki/Same-origin_policy
Make sure you are following the Same Origin Policy. This means same domain, same subdomain, same protocol (http vs https) and same port.
How does pushState protect against potential content forgeries?
EDIT: As @robertc aptly pointed out in his comment, some browsers actually implement slightly different security policies when the origin is
file:///. Not to mention you can encounter problems when testing locally withfile:///when the page expects it is running from a different origin (and so yourpushStateassumes production origin scenarios, not localhost scenarios)