5

I haven't been able to get something like this to work:

var myWorker = new Worker("http://example.com/js/worker.js");

In my Firebug console, I get an error like this:

Failed to load script: http://example.com/js/worker.js (nsresult = 0x805303f4)

Every example of web worker usage I've seen loads a script from a relative path. I tried something like this, and it works just fine:

var myWorker = new Worker("worker.js");

But what if I need to load a worker script that's not at a relative location? I've googled extensively, and I haven't seen this issue addressed anywhere.

I should add that I'm attempting to do this in Firefox 3.5.

mattblodgett
  • 285
  • 4
  • 11
  • Hi there, can you elaborate and tell us more about the Worker class? is this not working in FF3.5 only or all browsers? – mauris Oct 11 '09 at 01:52
  • Here's the official Mozilla documentation on the Worker class: https://developer.mozilla.org/En/DOM/Worker Firefox is the only browser I care about. I eventually want to use web workers in a Greasemonkey script I'm working on. – mattblodgett Oct 11 '09 at 02:04

3 Answers3

9

For those that don't know, here is the spec for Web Worker: http://www.whatwg.org/specs/web-workers/current-work/

And a post by John Resig: http://ejohn.org/blog/web-workers/

Javascript, generally, can't access anything outside of the url that the javascript file came from.

I believe that is what this part of the spec means, from: http://www.w3.org/TR/workers/

4.2 Base URLs and origins of workers

Both the origin and effective script origin of scripts running in workers are the origin of the absolute URL given in that the worker's location attribute represents.

This post has a statement about what error should be thrown in your situation: http://canvex.lazyilluminati.com/misc/cgi/issues.cgi/message/%3Cop.u0ppu4lpidj3kv@zcorpandell.linkoping.osa%3E

idleberg
  • 12,634
  • 7
  • 43
  • 70
James Black
  • 41,583
  • 10
  • 86
  • 166
  • The meaning of "origin" is a bit unclear. If you look at the WHATWG documentation, where it discusses the "origin", there's this note: "Thus, scripts must be external files with the same scheme as the original page: you can't load a script from a data: URL or javascript: URL, and a https: page couldn't start workers using scripts with http: URLs." Check it out under point #3 here: http://www.whatwg.org/specs/web-workers/current-work/#worker – mattblodgett Oct 11 '09 at 02:17
  • I found the post about the missing error message interesting for that reason, as you are correct, it does appear to be more ambiguous than I would like to see in a spec. I think the javascript security model will be the issue, but, given the fact that there are ways to work around that, you can try to work around loading javascript files from other urls and then see if the web worker works from an absolute url. – James Black Oct 11 '09 at 02:21
  • "...you can try to work around loading javascript files from other urls and then see if the web worker works from an absolute url." Can you elaborate on that? I don't understand what sort of workarounds you're talking about. – mattblodgett Oct 11 '09 at 02:31
  • @mattblodgett - I haven't tried it, but you can look at this and see if it helps: https://developer.mozilla.org/En/HTTP_access_control – James Black Oct 11 '09 at 02:41
  • And to clarify, the error you are getting is NS_ERROR_DOM_BAD_URI: http://twpol.dyndns.org/mozilla/misc/nserror?0x805303F4 To make sure you are aren't having origin issues, make sure you are not loading the script from two different domains. – sdwilsh Oct 11 '09 at 15:34
  • In the past 3 years there have been changes, so yes, CORS could be helpful, but there are security risks as shown here: http://media.hacking-lab.com/scs3/scs3_pdf/SCS3_2011_Roethlisberger.pdf – James Black Oct 20 '12 at 00:33
  • Is the fileSystem API based upon this Cross-Origin Policy too? – Cody Aug 09 '13 at 18:58
  • Look at the answer to this question: http://stackoverflow.com/questions/13752984/html5-file-api-downloading-file-from-server-and-saving-it-in-sandbox – James Black Aug 11 '13 at 13:57
3

According to the Web Worker draft specification, workers must be hosted at the same domain as the "first script", that is, the script that is creating the worker. The URL of the first script is what the worker URL is resolved against.

Brian Campbell
  • 322,767
  • 57
  • 360
  • 340
0

Not to mention...

Just about anytime you have a Cross-Origin Restriction Policy, there's no counterpoise to the file system (file://path/to/file.ext) - Meaning, the file protocol triggers handling for this policy.

This goes for "dirty images" in the Canvas API as well.

Hope this helps =]

Cody
  • 9,785
  • 4
  • 61
  • 46