I was using the “MSXML2.XMLHTTP.3.0” activeX object to create connections to the CRM service and the code that I had previously written and tested as working was suddenly failing. The error was occurring on the open method and the exception was “[object Error]”. Looking at the exception.message property, the error was “Access is denied”
After some digging and some providence, I found out that the error would happen only when I hit the URL as “http://www.company.com/…..” but not if I hit the url with “http://company/…..”
Turns out the “Access is Denied” is being thrown because of cross-site scripting restrictions that are imposed on the XmlHttp object.
Here is the original way I was creating the URL:
oDataEndpointUrl = Xrm.Page.context.getServerUrl() + "/XRMServices/2011/OrganizationData.svc
So getServerUrl() was not returning the url correctly formatted based on how users were navigating to the page.
To overcome the issue I used the following code:
oDataEndpointUrl = "/" + Xrm.Page.context.getOrgUniqueName() + "/XRMServices/2011/OrganizationData.svc";
This makes the URL relative and hence I was able to get around the cross-site scripting issue.
Note: another way to get around this issue is if you add the URLS to the same zone in Internet Explorer.
About Native XMLHTTP: http://msdn.microsoft.com/en-us/library/ms537505(v=VS.85).aspx