Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

sessionStorage in iframe

Tags:

javascript

iframe

session-storage

I'm going to have several iframes on my page and I'm going to quite intensively use sessionStorage inside them. What I'm curious about is if I will have separate storages or one shared for all iframes? How do the size limits apply?

like image 207
strannik Avatar asked Aug 27 '15 11:08

strannik

People also ask

Is sessionStorage shared between iframes?

The sessionStorage exists only within the current browser tab. Another tab with the same page will have a different storage. But it is shared between iframes in the same tab (assuming they come from the same origin).

Can iframe access parent localStorage?

localstorage is a property of the domain So on the parent, the execution window page is from fiddle.jshell.net and the iframe is from jsfiddle.net , as per your hardcoded iframe src - they are different domains and can't access each other's localstrage.

Does session storage persist across subdomains?

Way to Solution That's because localstorage doesn't support sharing the storage across subdomains or even domain. Thus, if you have something stored at a.example.com it won't be accessible from example.com or b.example.com.

2 Answers

If sessionStorage is shared depends on the iframe's page and it's origin, which is the domain part of the URL. If you have a webpage at http://myserver/test.html and it is including http://thatserver/some.html via an iframe, the iframe's page has the domain thatserver. Thus the origin differs and the sessionStorage won't be shared. But if the iframe's page is http://myserver/some.html it has the same origin and therefore will share the same session storage.

Now there is an additional trick: The sandbox attribute for the iframe. If you write <iframe sandbox> without the value allow-same-origin the content of the iframe gets a unique origin. That means it would get a different sessionStorage regardless of the real origin that page has. You can write <iframe sandbox="allow-same-origin"> to sandbox the content AND let the content of the iframe to have the same origin (but only if if does have the real same origin).

Now special notes: sandboxed iframes won't support localStorage per spec. And in webkit-browsers and mozilla firefox an exception will be thrown if the sandboxed iframe content will try to access sessionStorage.

like image 110
Krassmus Avatar answered Nov 13 '22 21:11

Krassmus

OK, I've made a test myself. At least in Chrome (44) and Firefox (40) the sessionStorage is shared among page and the iframes included if they are of the same domain and do not if they are of different domains.

like image 37
strannik Avatar answered Nov 13 '22 21:11

strannik
Sign in to Comment

Related questions

JQuery Append AJAX
<input> has focus, but can't type in WebKit
calculate time difference in HH:mm format
Continuous color scale from discrete domain of strings?
Maximum base for parseInt()?
How to normalize a list of positive numbers in JavaScript?
Add names of the states to a map in d3.js
Random Color From Array
javascript sort function sorting wrong [duplicate]
javascript sorting array based on another array
Change input value onclick button - pure javascript or jQuery
Use google maps computeDistanceBetween to get the closest location returns NaN
Testing phonegap apps in the browser with Ripple
Append objects in local storage
How to do infinite scrolling with javascript only without jquery
What does the "?" (question mark) mean in javascript? [duplicate]
ExpressJs not loading CSS on certain routes
Can a directive delete itself from a parent scope
Difference between .split(/\s+/) and .split(" ")?
Fabric.js geometric shapes

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!