SECURITY_ERR: DOM Exception 18 when applying document.domain on both sites. How do I resolve this?
You can only set document.domain
to its current value or to a super-domain of the current setting. Thus, a page at "foo.something.com" can set it to "something.com", but not "something.else.com".
user717236
Updated on June 04, 2022Comments
-
user717236 almost 2 years
I have a page at an internal server, server1.mydomain.com/page.jsp and another page at a different internal server, 10.x.x.x:8081/page.aspx.
On server1.mydomain.com, I set document.domain in page.jsp like this:
//page.jsp on server1.mydomain.com document.domain = document.domain;
When I issue an alert on document.domain, it comes up as server1.mydomain.com.
On the 10.x.x.x server, I set document.domain in page.aspx, as a result, like this:
//page.aspx on 10.x.x.x document.domain = "server1.mydomain.com"; // test if same-origin policy violation occurs document.getElementById("div_el").innerHTML = window.top.location.href;
In Safari 5.1.5, an error pops up on the console:
SECURITY_ERR: DOM Exception 18: An attempt was made to break through the security policy of the user agent."
From what I understand, when you set document.domain, the port number is set to null; so, you have to set it on both ends, which I did. Then, this error occurs and I'm scratching my head why. Does this have anything to do with the fact I'm using 10.x.x.x and not an actual domain name?
Thank you.
-
user717236 about 12 yearsThank you for your help. Yes, I think I understand it a bit better, now. These two hosts cannot communicate with each other with document.domain, as it is set up. I'll have to think of something else. Thanks again.