After a battle I’ve figured this out with the help of this post Setting a domain with Express sessions stops cookie from being saved. The issue comes down to third party cookies. If you’re sending data from server.herokuapp.com to site.herokuapp.com you’re going to have this issue. The solution is to use the same custom domain … Read more
If you want cross domain calls from javascript to WCF you must use JSONP. To add JSONP support to WCF you must define it in WebHttpBinding. The configuration should look like: <bindings> <webHttpBinding> <binding name=”crossDomain” crossDomainScriptAccessEnabled=”true” /> </webHttpBinding> </binding> <behaviors> <endpointBehavior> <behavior name=”restBehavior”> <webHttp /> </behavior> </endpointBehavior> </behaviors> <services> <service name=”…”> <endpoint address=”” binding=”webHttpBinding” bindingConfiguration=”crossDomain” … Read more
Test Results: Bad News, it appears to only work in Chrome. All other browsers (including Android Mobile) give an error like this: Failed: DOM Exception: SECURITY_ERR (18) Mobile Devices I tested Android (samsung galaxy kernel version 2.6.32.9), Iphone and IPAD V1 and it failed in all three. You can test your own mobile device with … Read more
I need to do the same to avoid the usage of a proxy in OpenLayers. Since I’m running Ubuntu 12.04, I’ve installed Tomcat 7.0.55, instead of the default 7.0.26 (installed from packages). To add CORS headers, I simply added to $CATALINA_HOME/conf/web.xml the following lines: <filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> <init-param> <param-name>cors.allowed.origins</param-name> <param-value>*</param-value> </init-param> </filter> <filter-mapping> <filter-name>CorsFilter</filter-name> <url-pattern>/*</url-pattern> … Read more
In order for this to not be restricted by the same origin policy, you will probably need to do this in both the pages: document.domain = “acmssite.com”;
Internet Explorer’s definition of the “same origin” differs to the other browsers. See the IE Exceptions section of the MDN documentation on the same-origin policy: Internet Explorer has two major exceptions when it comes to same origin policy: Trust Zones: if both domains are in highly trusted zone e.g, corporate domains, then the same origin … Read more
This is a bit of a hack because it changes end_headers() behavior, but I think it’s slightly better than copying and pasting the entire SimpleHTTPServer.py file. My approach overrides end_headers() in a subclass and in it calls send_my_headers() followed by calling the superclass’s end_headers(). It’s not 1 – 2 lines either, less than 20 though; … Read more
If you store a reference to the child window when you call window.open(), then you can poll using setInterval() to see whether the window is still open using the window.closed property. The example below checks twice per second. var child = window.open(‘http://google.com’,”,’toolbar=0,status=0,width=626,height=436′); var timer = setInterval(checkChild, 500); function checkChild() { if (child.closed) { alert(“Child window … Read more
The answer can be found in the specification. For img: The crossorigin attribute is a CORS settings attribute. Its purpose is to allow images from third-party sites that allow cross-origin access to be used with canvas. and for script: The crossorigin attribute is a CORS settings attribute. It controls, for scripts that are obtained from … Read more
Unless the third-party server you are communicating specifically supports EasyXDM, it is not appropriate. EasyXDM requires that both sides be using it; it cannot be used to communicate with a service that isn’t using it.