JavaScript permission denied. How to allow cross domain scripting between trusted domains?

Question

We have a .net based application hosted with SAP enterprise portal iframes. The domain of the SAP portal is al.xx.companyname.com. The domain of the .Net ap

Answer 1

The Same Origin Policy is probably so strict that it doesn't make exceptions even with trusted sites.

The cross-browser document.domain property should be able to solve this:

There is one exception to the same origin rule. A script can set the value of document.domain to a suffix of the current domain. If it does so, the shorter domain is used for subsequent origin checks. For example, assume a script in the document at http://store.company.com/dir/other.html executes the following statement:

document.domain = "company.com";