Same origin policy - Subdomains and Root Domain -
i have question regarding same origin policy. company has many subdomains , in 1 of them, iframe subdomain inside of it, , populate form of iframe. have read document.domain property , need set in on 3 domains, can not test due each subdomain belonging different department. here question.
is possible when subdomains both https, , root domain not? looked @ examples on wikipedia, didn't me. appreciated.
example:
http ://company.org
x.company.org have page iframe of y.company.org has form auto populate.
(i know links broken, because can't post more 2 links)
the things define domain in context protocol, port , domain http://abc.com , https://abc.com considered different domains browser (http vs https).
http://en.wikipedia.org/wiki/same_origin_policy#origin_determination_rules
https://x.company.org , https://y.company.org considered separate domains can both relax domain setting https://company.org , cross-communicate.
http://en.wikipedia.org/wiki/same_origin_policy#document.domain_property
there's option available html5 in major browsers. using html5 postmessage can communicate across domains, assuming receiving domain wants accept message , respond.
Comments
Post a Comment