I have two pages: a.example.com and b.example.com
a.example.com includes jQuery
a.example.com contains an iframe pointing to b.example.com
both pages have document.domain set to the same parent domain, example.com
How can I use the jQuery include from a.example.com to call $.ajax({ url: " b.example.com " }) from inside the b.example.com iframe?
In other words: Both pages can currently access the Javascript of one another, but I can not get the AJAX call to function without throwing XSS errors. That is, without including jQuery on b.example.com too. How do I avoid including jQuery twice?
Example of the contents of the iframe:
<script>
document.domain = "example.com";
function proxyAjax() {
var jQueryParent = parent.$.sub();
// Chrome gives error: XMLHttpRequest cannot load http://b.example.com/. Origin http://a.example.com/ is not allowed by Access-Control-Allow-Origin.
jQueryParent.ajax({
url : "http://b.example.com/",
success : function() {
console.debug("Success");
}
});
}
proxyAjax();
</script>
No comments:
Post a Comment