Cross-domain refers to web applications that communicate outside of their hosting domain / web server. This can be in the form of network requests to other servers or sharing data with DOM components served from different domains composed on the same web page.
141
votes
11answers
112k views
Access-Control-Allow-Origin Multiple Origin Domains?
Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header?
I'm aware of the *, but it is too open. I really want to allow just a couple domains.
As an example, ...
97
votes
6answers
139k views
Unsafe JavaScript attempt to access frame with URL
I am getting the below error when i try to set a hash value to the parent url from iframe which contains another domain url:
Unsafe JavaScript attempt to access frame with URL "URL1" from frame ...
87
votes
10answers
132k views
JQuery ajax cross domain
I am fed up with this problem. Here is two pages, test.php and servertest.php.
test.php
<script src="scripts/jq.js" type="text/javascript"></script>
<script>
...
47
votes
5answers
49k views
Error handling in getJSON calls
How can you handle errors in a getJSON call? Im trying to reference a cross-domain script service using jsonp, how do you register an error method?
46
votes
7answers
20k views
Why does canvas.toDataURL() throw a security exception?
Did I not get enough sleep or what? This following code
var frame=document.getElementById("viewer");
frame.width=100;
frame.height=100;
var ctx=frame.getContext("2d");
var img=new Image();
...
36
votes
1answer
11k views
Why don't I get a 'same origin policy' warning when using the Google Maps API?
I'm making a RESTful web service call in my JavaScript page and get the following warning:
"This page is accessing information that is not under its control. This poses a security risk. Do you want ...
google-maps
35
votes
1answer
6k views
Are different ports on the same server considered cross-domain? (Ajax-wise)
Can XMLHttpRequest send a request to http:// mydomain.com:81/ from http:// mydomain.com/ ?
33
votes
10answers
19k views
PHP Sessions across sub domains
I am trying to set up the following:
auth.domain.com
sub1.domain.com
sub2.domain.com
where if the user visits sub1.domain.com or sub2.domain.com and they are not logged in, they get pushed over to ...
32
votes
4answers
55k views
“Origin null is not allowed by Access-Control-Allow-Origin” in Chrome. Why?
I am working on some Javascript to run locally on my PC. I am using a jQuery CSV plugin (http://plugins.jquery.com/project/csv) to load load a csv file into javascript arrays. The script is simple:
...
32
votes
8answers
18k views
What's your favorite cross domain cookie sharing approach?
I see iframe/p3p trick is the most popular one around, but I personally don't like it because javascript + hidden fields + frame really make it look like a hack job. I've also come across a ...
30
votes
7answers
31k views
IE9 blocks download of cross-origin web font
This is driving me crazy.
Just testing a site on IE9 and discovered that the 'live' version is rendering a web font I am using smaller than on the dev version.
Here is a selection of screen grabs:
...
27
votes
2answers
19k views
jQuery: sending credentials with cross-domain posts?
According to Requests with credentials, Firefox will only send credentials along with cross-domain posts if
invocation.withCredentials = "true";
is set… But it doesn't seem like jQuery's Ajax API ...
27
votes
4answers
18k views
IE9 jQuery AJAX with CORS returns “Access is denied”
The following works in all browsers except IE (I'm testing in IE 9).
jQuery.support.cors = true;
...
$.ajax(
url + "messages/postMessageReadByPersonEmail",
{
...
26
votes
6answers
15k views
JavaScript: How do I create JSONP?
I have a two domains, example1.com and example2.com
From example1.com, I would like call a JSON API I have on example2.com. Knowing that this is not allowed, it occurred to me - this is exactly why ...
25
votes
10answers
24k views
Jquery $.ajax fails in IE on cross domain calls
I am doing a cross domain request using $.ajax , it works on firefox and chrome but does not issue a call on IE 7,8. can anyone tell me whats wrong with the following??
I have used JSON, JSONP, left ...
Related Tags
javascript × 1007jquery × 604
ajax × 583
iframe × 301
php × 218
jsonp × 196
json × 157
xmlhttprequest × 119
jquery-ajax × 115
cors × 111
html × 108
cookies × 104
security × 96
flash × 78
asp.net × 75
internet-explorer × 69
silverlight × 67
wcf × 57
same-origin-policy × 56
html5 × 54
http × 52
actionscript-3 × 50
web-services × 50
c# × 47
google-chrome × 47