{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 不美不萌又怎样 的问题《Javascript cross domain - “allow” other domains?》','https://www.manongdao.com/q-252015.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Description of steps
- Write "callback" function on my custom page in my domain (called "MyCallbackCallback", for the sake of argument)
- Open new window (from different domain) and pass function name in as part of query string
- New window does what it needs to do then tries to access "MyCallback" from my custom page
This obviously won't work and will return "Access denied" error.
If there was a way of "allowing" the 3rd-party domain access to my domain that would solve the issue, of course. Is there such a thing? I know there is in Action Script, but JavaScript??
NB - I am aware that setting "document.domain" on both pages, (or creating both pages in the same domain) will solve the issue, but I almost certainly won't have this option.
If the answer is "you can't" that's fine - I just need to know. I have spent many hours searching and can't find a simple answer (there may not be one!)
Ta, Rob
It’s not exactly clear from your question, but if you’re trying to use CORS, the server you’re requesting data from should add an
Access-Control-Allow-OriginHTTP header, like so:Or, if it’s a public resource:
Older browsers don’t support CORS. If you need a fully cross-browser-compatible solution, use JSONP.
If you want cross-domain communication without serverside proxies (perfect for the kind of RPC that you are describing) then take a look at easyXDM.
You can find multiple demos here.
Have a look at Cross-Domain AJAX requests:
JSONP is the only method compatible with older browsers though.