发表新帖
发表新帖

Same origin policy - Subdomains and Root Domain

前端 未结
关注
1 839
死守一世寂寞
死守一世寂寞 2020-12-18 22:02

I have a question regarding the same-origin policy.

My company has many subdomains and in one of them they would like an iframe with another subdomain

相关标签:
1条回答
  • 臣服心动
    2020-12-18 22:12

    The things that define a domain in this context are protocol, port and domain so http://abc.com and https://abc.com are considered different domains by your browser (http vs https).

    http://en.wikipedia.org/wiki/Same_origin_policy#Origin_determination_rules

    https://x.company.org and https://y.company.org are also considered separate domains but they can both relax their domain setting to https://company.org and cross-communicate.

    http://en.wikipedia.org/wiki/Same_origin_policy#document.domain_property

    There's another option available to you now as HTML5 is in all the major browsers. Using the HTML5 postMessage you can communicate across domains, assuming the receiving domain wants to accept the message and respond.

    http://html5demos.com/postmessage2

    0 讨论(0)
 看不清?
提交回复
热议问题