Is http://nonsecure.form.xyz.org and https://secure.form.xyz.org considered different domain? I am asking this because my javascript in secure one cannot call it's parent. Secure domain is inside non-secure domain through an iframe.
EDIT
Conclusion
You can perform cross-domain scripting but cannot perform cross-protocol scripting (e.g. https and http)
While a subdomain is part of the main website, it's considered a separate entity by search engines. People recognized this and decided to use subdomains to organize their website, without allowing certain parts of the site to be indexed by Google. Companies use subdomains for a variety of reasons.
A subdomain name is a piece of additional information added to the beginning of a website's domain name. It allows websites to separate and organize content for a specific function — such as a blog or an online store — from the rest of your website.
Regular domains are your standard URLs like splashthat.com or splashthat. events. Subdomains are a unique URL that lives on your purchased domain as an extension in front of your regular domain like support.splashthat.com or blockparty.splashthat.com.
CORS is not allowing subdomains, so you need to specify them in your server configuration.
What you can do here is set document.domain = "form.xyz.org"
on both sides before attempting any cross-domain scripting.
However, you cannot cross-script between different protocols.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With