This post will discuss and provide several solutions to "Access to restricted URI denied" error. This error is thrown in Firefox browser, while making AJAX request that does not comply with the browser's security policies.
The error occurs when application tries to do an AJAX request that does not comply with the same-origin policy or tries to access a local resource (file on your hard drive with a path like file://c:/Users/etc.). To solve this problem you need to change the URI to your files so that it appears as if they were on the same domain as the page your AJAX script is calling it from.
Let's try to reproduce the error.
$(document).ready(function(){
// Try to load content from the hard drive
$.get('file:///Users/path-to/seed-data.js', function(data){
console.log(data);
});
// Try to load content from another domain
$.ajax({
url: "http://www.google.com/some-file.html",
}).done(function(data) {
console.log(data);
});
// Try to load content from the same domain, but different protocol
// Assume we are on http://www.example.com page and trying to access
// page on the same secure domain "https"
$.get('https://www.example.com/seed-data.js', function(data){
console.log(data);
});
});
The examples above will result in the following error in your JavaScript console.
Access to restricted URI denied" code: "1012
xhr.open(type, s.url, s.async);
Reasons
In the first example, the reason for the error is Firefox's security model that does not allow retrieving/accessing resources localhost resources.
In the second example, Firefox enforced "same origin" security policy that does not allow accessing resources from other domains (NOTE: www.example.com and example.com are considered two different domains as well).
In the third example, we tried to access resources using different protocol (https). Don't forget
HTTP
andHTTPS
are two different protocols.
Solutions
In order to solve the "Access to restricted URI denied" error, you need to identify which of the reasons above is causing your script to throw an error and fix it with one of the solutions below.
First problem: Deploy files to a web server or alternatively run one locally (ex. XAMPP). Once deployed, access your page from your domain (http://www.your-domain.com/page.html or http://localhost:port/page.html).
To access resources from other domains you have to overcome the "same origin policy". This can be done by putting a simple proxy script on your own domain and it would appear as if you are fetching resources from your own domain. You can find description and an example proxy script in “Cross domain AJAX scripting” post.
The solution to the last method is usually easy. In most cases it is either putting or removing "s" to/from "http". But for cases when you have to grab content from URL using different protocol, your only solution is to use proxy script described in the second solution.
If this post does not cover your case please leave a comment with reproducable code or a link to fiddle page. If you found this post helpful, please share/like it.