15

for the two hosts

http://1.com.local/
http://2.com.local:8080/

how can I use document.domain to enable DOM-Manipulation between the two? If i set both to com.local it doesn't work, because the 2nd host then gets the domain com.local:8080.

When I try to set the domain of the first one to com.local:8080 manually, the port is just snipped of and the domain remains com.local.

How can I enable DOM-Manipulation in this situation?

F.P
  • 17,421
  • 34
  • 123
  • 189

1 Answers1

23

You cannot. Sorry - same origin is including the ports

You can use CORS and ajax to copy some stuff from one server to the other if you enable this.

mplungjan
  • 169,008
  • 28
  • 173
  • 236
  • 1
    By random chance I found out that if I use localhost:8x for my api server then I don't get the CORS error. If I use my standard 'safe' ports like 1000+ then I do get the CORS error. I haven't found any documentation online that discusses this but it works reliably for localhost testing purposes to get around the CORS error. – user441058 Dec 08 '17 at 21:29
  • Same origin is including ports so if you go from localhost:// to localhost:1000// you are going from port 80 to port 1000 and that is cross origin – mplungjan Dec 08 '17 at 21:32
  • 1
    When using port 8x it isn't applying the CORS policy for localhost. For example localhost:1023 can call localhost:85 with no CORS enforcement. If I switch the api to a non port 8x then CORS policy is enforced. – user441058 Dec 09 '17 at 05:46
  • 1
    Ok - great. I am surprised – mplungjan Dec 09 '17 at 06:03
  • 1
    Same here. It seems pretty random. I googled it try to find something to back it up but I found nothing. Anyway, at work some of us are using port 8x now and it's working fine. Haven't tested it with other browsers though. – user441058 Dec 09 '17 at 17:19