We've been bugged by a really annoying "Access Denied" JavaScript error when we try to access the DOPE-menu on one of our sites. It turns out that it's because we set the "document.domain" to the top-level domain of the site to enable cross-subhost scripting; www.xxx.yyy -> xxx.yyy Naturally, the popup created with the "window.createPopup();" method does not inherit the current "document.domain" setting of the opener window, but gets set to the current hostname. Which means the created popup is not accessible after it's been created. Please advice if you're not allowed to make changes to the "contextmenu.js" file, but there is a workaround that looks like this; ContextMenu.prototype.CreatePopupWindow = function () { var orgDomain = document.domain; // Save current setting document.domain = location.hostname; // Set to hostname if(this.baseMenu && this.baseMenu.popupWindow!=null) this.popupWindow = this.baseMenu.popupWindow.document.parentWindow.createPopup(); else this.popupWindow = window.createPopup(); this.popupWindow.document.domain = orgDomain; // Set to wanted document.domain = orgDomain; // Reset ... } You get the point...