Skip to content Skip to sidebar Skip to footer
Home / Cors / Javascript / Window.open

When Page Is Opened With Window.open, How Can The Opened Page Allow The Opener To Access Its Contents?

Post a Comment
Is it possible for a page opened with window.open to allow itself to be examined by a cross-origin opener? (This is for use in internal applications, so security is not a significa

Solution 1:

The issue was the document.domain. The second site was not in the same domain as the first. As soon as I changed the FQDN of web1 and used document.domain = corp.local the problem was solved.

I missed the exception being thrown by one of the javascript files on document.domain.


Solution 2:

Apparently it is indeed broken in IE if it's cross-domain and between windows (not frames).

Have a look at this question: Is cross-origin postMessage broken in IE10?

Especially the answer by brunolau at the bottom looks promising and may be just what you need. There is hope in IE11, but they also mention an update breaking it again. It's strange to be honest, I can't see a security reason to make it not work with the constraints and considerations already worked out for frames.

On the other hand, I know it doesn't answer your question, but you may want to implement communication through the server anyway, which would remove dependence on browser pecularities (but that may be less of a concern for you if you only wanted to support IE 11).


Post a Comment for "When Page Is Opened With Window.open, How Can The Opened Page Allow The Opener To Access Its Contents?"