window.opener.document.getElementById("parentId1").value = myvalue not working

javascript security http https
14,501

is there any issue in communicating with a secure child window and a parent page which is not secure?

Yes. HTTP and HTTPS make for separate script origins. (If they were not separate origins then an unprotected page could script into an HTTPS page and change all its content, defeating the purpose of HTTPS.)

If so how can I solve this issue?

  1. Same origin. Serve the parent page through HTTPS, and either put them on the same hostname or set document.domain to a shared parent domain on both documents.

  2. Cross-origin messaging. window.postMessage; if you need to support older browsers (primarily IE<8) then there are horrible backwards compatibility hacks (like communicating through document.cookie or hash navigation).

  3. Server interaction. One document sends the information to the server and the server shares it back with the other document (eg using XMLHttpRequest).

Share:
14,501
Nidheesh
Author by

Nidheesh

Updated on June 04, 2022

Comments

  • Nidheesh
    Nidheesh almost 2 years

    I was trying to get the value from my child.jsp to my parent.jsp using window.opener.document.getElementById("parentId1").value = myvalue;

    Even though there were no errors found in the console the value is not getting in the parent page.

    The child popup window has the url starting like, https://safe.cresecure.net/securepayments..... and the parent page url starts with http://.... is there any issue in communicating with a secure child window and a parent page which is not secure?

    If so how can I solve this issue?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Why do I get browser warnings on my new lets encrypt ssl setup?
Is there a security concern exposing NTLM authentication over http or should it only be https?
Express (node.js) using HTTPS and HTTP
Are there any HTTP/HTTPS interception tools other than Fiddler, Charles, Poster, and Achilles?
Is HTTP header Referer sent when going to a http page from a https page?
How can I use JavaScript on the client side to detect if the page was encrypted?
Page loaded over HTTPS but requested an insecure XMLHttpRequest endpoint
WS on HTTP vs WSS on HTTPS
Why am I suddenly getting a "Blocked loading mixed active content" issue in Firefox?
How to redirect all HTTP requests to HTTPS