All geek questions in one place

SECURITY_ERR: DOM 18 exception when using document.domain on both sites. How to resolve this?

I have a page on the internal server server1.mydomain.com/page.jsp and another page on another internal server, 10.xxx: 8081 / page.aspx.

On server1.mydomain.com, I set document.domain to page.jsp as follows:

//page.jsp on server1.mydomain.com document.domain = document.domain;

When I issue a warning on document.domain, it appears as server1.mydomain.com.

On the 10.xxx server, I set document.domain to page.aspx, as a result, like this:

 //page.aspx on 10.xxx document.domain = "server1.mydomain.com"; // test if same-origin policy violation occurs document.getElementById("div_el").innerHTML = window.top.location.href;

In Safari 5.1.5, a message appears on the console:

 SECURITY_ERR: DOM Exception 18: An attempt was made to break through the security policy of the user agent."

From what I understand, when you set document.domain, the port number is null; therefore, you must install it at both ends, which I did. Then this error occurs, and I scratch my head why. Does this have anything to do with the fact that I'm using 10.xxx and not the actual domain name?

Thanks.

+6
source share
2 answers

You can only use document.domain to move from a more specific subdomain to a less defined domain. How...

 console.log(document.domain); // server1.mydomain.com document.domain = 'mydomain.com' console.log(document.domain); // mydomain.com

It cannot be used to install a more specific subdomain or into a completely different domain.

+15
source

You can only set document.domain to the current value or to the superdomain of the current setting. Thus, the page on the page "foo.something.com" can set it to "something.com", but not "something.else.com".

+3
source

Source: https://habr.com/ru/post/912530/

More articles:


All Articles