Cross-Domain example causes error in chrome.

This space is made available to users of Open Patent Services (OPS) web-service and now also to users of EPO’s bulk data subscription products such as 14. EPO worldwide bibliographic database (DOCDB), 14.11 EPO worldwide legal status database (INPADOC), 14.12 EP full text data, 14.1 EP bibliographic data (EBD)and more.

Users can ask each other questions, exchange experiences and solutions, post ideas. The moderator will use this space to announce changes or other relevant information.
Post Reply

Posts: 1
Joined: Sat Jun 15, 2013 5:49 am

Cross-Domain example causes error in chrome.

Post by bentwonk » Thu Apr 10, 2014 8:11 am

*Note am having to replace URLs to get past the spam filter, is that really necessary?

I am following the example given in the document :
"Open Patent Services, Cross-Domain Requests Support, Version 1.0.0"

I have upgraded the urls so they point at 3.1, also in order to prevent the error:

"Uncaught SyntaxError: Invalid target origin 'eposite' in a call to 'postMessage'. "

I changed line 18 from

however chrome still generates an error on the cross site file:
Refused to set unsafe header "Origin" in crosssitescript h t m l: line 37

Regards Ben

full test code here (note urls mangles to get past forum spam filter)

Code: Select all

<script language="JavaScript">

function runit() {
    // Get the iframe window object
    var client = document.getElementById('client');
    // Create the data string to be passed to the OPS JavaScript
    var data = "{'url' : 'h:eposite as per doc', " +
	"'method' : 'GET', " +
	"'requestHeaders' : {'Origin': 'eposite','Accept': 'application/json' }, " +
	"'body' : ''" +

    // Use the postMessage() method in order to send the data to the
    // iframe object
    client.contentWindow.postMessage(data, 'h:eposite');
// Add event listener for your window
window.addEventListener("message", receiveMessage, false);
// Method handling window events
function receiveMessage(event) {
    // Check origin of the event!
    if (event.origin == "h:eposite") {
        var dataJSON = eval('(' + + ')');
        // work with data / display data
    else {
        alert("Got message from unknown source.");

    <input type="button" onclick="runit()" value="runit"></input>
    <iframe width=50 height=50 id="client" src="h:eposite as per doc" />

Post Reply