0

Is it possible to apply Same Origin Policy Restriction on the contents serving from sub domain Iframe to main domain? IF possible then please provide any example.

Thanks in advance!

Update-

Actually i am using iframe to serve downloads on a site. Iframe method is working fine for contents from other site but when using it with subdomain then its opening the content directly. This is my problem

user2572943
  • 135
  • 1
  • 2
  • 10

1 Answers1

0

Well, what about not using the "main" domain? This is one of the cases where it's quite handy to have a http://www.something.com/ address rather than http://something.com/. Now eg. http://data.something.com/ isn't a sub-domain of http://www.something.com/ and so you can do things like limiting the sending of cookies, and same origin policies.

Luaan
  • 62,244
  • 7
  • 97
  • 116
  • actually i am using iframe to serve downloads from subdomain to main domain. Iframe method is working fine for contents from other site but when using it subdomain then its opening the content directly. this is my problem – user2572943 Feb 07 '14 at 15:25
  • @user2572943 Ah... why don't you use the `Content-Disposition` header inside the IFrame's page? Just set that to `attachment; filename=somefile.txt` and it should make the browser download the file rather than trying to open it directly. – Luaan Feb 07 '14 at 15:27
  • http://stackoverflow.com/questions/6722716/how-to-download-file-from-server-using-jquery-ajax-and-spring-mvc-3 check option 1 of selected answer – user2572943 Feb 07 '14 at 15:31