Cross-domain policy refers to the browser restrictions on script, stylesheet, and plugin execution across domains, protocols, and ports.
Questions tagged [cross-domain-policy]
201 questions
0
votes
0 answers
Inconsistency in performing Cross Origin requests using actionscript
I am using an SWF generated from the following action script to make cross origin calls from the SWF hosted on http://something.subdomain.victim.com:8000/ to http://victim.com/a?secret=test.
https://victim.com has a permissive crossdomain.xml at…
hax
- 282
- 1
- 17
0
votes
0 answers
Render dynamic content in iframe base on parent
I want to display my website in iframe of other domain(s). When displayed in iframe of that domain, I want to perform some actions like hiding/displaying content. Pages from my website are also iframed in same domain as well. So there is dynamic…
Mahesh
- 1
- 1
0
votes
1 answer
Ignore large amount of sites with TCP/IP Sockets policy file for Flash
Let me explain my situation. I'm using flash sockets to build an embedded chat application. everything works great. I want to allow all the sites who embedded this application to connect to my server, except for some sites.
My problem is that the…
Doua Beri
- 10,612
- 18
- 89
- 138
0
votes
1 answer
How to capture all the user navigations from an external website opened in an IFrame?
I am able to capture the user navigations from an external website opened in an IFrame into a variable and i am able to display the location in console. But i want to capture all the user navigations into an array or a text file. Please help me with…
ConfusedMap
- 51
- 7
0
votes
1 answer
iframe click event to change location/URL (cross domain but have control of both domains)
I'm working on a site which comprises off the main site - then campaign sites which are off-shoots.
The campaigns are on a separate domain (but I have access to both).
The campaigns are pulled into the main site via an iframe and each iframe will…
user194919
0
votes
1 answer
Firebase Dynamic Link CORS - XMLHttpRequest
I'd like to shorten my URL's using the Firebase Dynamic Link shortener. I followed the Rest API reference and the code seems to check out:
const url ="https://firebasedynamiclinks.googleapis.com/v1/shortLinks?key=MY_API_KEY";
this.request = new…
Titulum
- 9,928
- 11
- 41
- 79
0
votes
1 answer
Open and write to a new window but forcing it to be cross domain
I need to open a new window and write some user supplied html with possible css and javascript.
I do not want them to have access to any of the cookies or give them access to anything else from the main webpage.
Currently with:
var text =…
Chris Hunter
- 73
- 1
- 8
0
votes
1 answer
Why are Google cookies getting sent to third-party website even after completely cleaning my browser?
I just cleared all my browser's data and opened a new Incognito window.
I navigated to askubuntu.com and logged in.
Interesting, in one of the first requests cookies are getting sent back to askubuntu that appear to be of the Google Analytics…
CodyBugstein
- 21,984
- 61
- 207
- 363
0
votes
0 answers
Cross origin warning for frame within a frame when changing page within frame
UPDATE: The problem only occurs in code which uses the "parent." variables. Removing that code fixed the problem:
I'm trying to present an online experiment within an iframe, but whilst the participant can start the experiment, as soon as they go…
beepingbopping
- 150
- 13
0
votes
1 answer
Cross domain issue with font-face and Apache load balancer
I have 2 application nodes behind an apache load balancer which looks like this:
ProxyRequests off
BalancerMember http://192.168.1.14:80
BalancerMember http://192.168.2.15:80
ProxySet…
Galanx
- 139
- 1
- 12
0
votes
1 answer
Cross-Domain OAuth Requests
I've successfully managed to get an OAuth access token and am able to make requests on behalf of the user. I did, however, run into an interesting scenario early on when I made an accidental typo.
My initial page was: http://www.example.com where I…
Paul Calabro
- 1,748
- 1
- 16
- 33
0
votes
2 answers
Difference beetween http://www.app.in and http://app.in
What is the difference between http://www.app.com and http://app.com
and how it affects to cross-domain policy of Ajax
I mean i added ajax request in app
$.ajax({
type: "POST",
url:…
Tushar Ahirrao
- 12,669
- 17
- 64
- 96
0
votes
2 answers
CORS Cross Domain Policy issues when perform an API call, how to configure Retrofit2 for such situation
Please bear with me if my post title seems vague, as Im not entirely knowledgeable on web/server components and terminologies, any corrections will be appreciated upon stating the issue.
Way back days ago, I'm doing good with API calls, smooth…
Robert
- 141
- 1
- 13
0
votes
0 answers
Parsing the HTTP Response from an AJAX call into a jQuery object
I've been searching all over for a solution to this and maybe I'm just assuming that this is possible when it's really not, but here's the situation:
I have an AJAX request that I'm using to try and pull in an XML file from a public service -
var…
Derek
- 112
- 1
- 9
0
votes
0 answers
unable to access cross domain xml using AJax
In my web applicaiton I am trying to access live forex rates provided by FXCM using ajax. but when ever an ajax request is fired it is unable to access the xml response from particular FXCM domain and console shows
No 'Access-Control-Allow-Origin'…
Faisal Naseer
- 4,110
- 1
- 37
- 55