开发者

How to solve this weird cross domain issue?

Basically my application is in a social network where in my application's page they create an iframe with their (not mine) URL to "renderer" which then takes (don't ask how) my code (html, js) and places in the body tag of this iframe.

Since I need to be able to run the iframe's JavaScript functions I decided not to create an another ifra开发者_如何学Pythonme with my application URL, but with ajax calls just load my application's content in the body of their iframe. This way I could be able to run their JavaScript functions. If I would create my iframe within their iframe then I couldn't run them because of the cross domain stuff, right?

However when I perform ajax calls with jQuery to my application they are performed from the social network (since the iframe is their, just my body code) and thus no session cookies which are saved on my application domain are available for the ajax calls from this iframe.

What I think is I need to create an iframe (dooh) within the social network's iframe, but how to overcome the cross domain issues to access the JavaScript functions in the parent iframe?

P.S. Sorry for the long explanation. Wanted to make it clear for everyone.


There is no way to read a cookie from another domain.

Either the AJAX is failing because you are using XHR and you are getting blocked by the Same Origin Policy. Or, you are using JSONP, and the cookie is not being set.

If you are using XHR, switch to JSONP.

Using JSONP you won't be able to set cookies. JSONP just loads a script by setting the src of a script tag, and cookies can't be set in this way (nevermind that they can't be set from another domain).

You'll have to manage state manually by passing the session id with each JSONP request.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜