How about using cross domain postmessage and iframes?

如何使用跨域 postmessage 和 iframes？

So on your wrong-domain-page you include an iframe that posts messages with the cookie data back.

因此，在您的错误域页面上包含一个 iframe，该 iframe 将带有 cookie 数据的消息发布回来。

Here is a solid example of cross domain postmessages: http://blog.teamtreehouse.com/cross-domain-messaging-with-postmessage

这是跨域 postmessages 的一个可靠示例：http://blog.teamtreehouse.com/cross-domain-messaging-with-postmessage

live example: http://codepen.io/anon/pen/EVBGyz//forked sender code with a tiiiiiny change :) :

现场示例： http://codepen.io/anon/pen/EVBGyz //分叉的发件人代码，有一个 tiiiiiny 变化:)：

window.onload = function() {
    // Get the window displayed in the iframe.
    var receiver = document.getElementById('receiver').contentWindow;

    // Get a reference to the 'Send Message' button.
    var btn = document.getElementById('send');

    // A function to handle sending messages.
    function sendMessage(e) {
        // Prevent any default browser behaviour.
        e.preventDefault();

        // Send a message with the text 'Hello Treehouse!' to the new window.
        receiver.postMessage('cookie data!', 'http://wrong-domain.com');
    }

    // Add an event listener that will execute the sendMessage() function
    // when the send button is clicked.
    btn.addEventListener('click', sendMessage);
}

Receiver code:

接收器代码：

window.onload=function(){
    var messageEle=document.getElementById('message');
    function receiveMessage(e){
        if(e.origin!=="http://correct-domain.com")
        return;
        messageEle.innerHTML="Message Received: "+e.data;
    }
    window.addEventListener('message',receiveMessage);
}

As noticed in your post the localStorage (sessionStorage too) won't be stored on the storage related to the domain api.abc.com. If this was the case, by using CDN version of a library using localStorage you would have to share storage with all the other websites using this library.

正如您在帖子中所注意到的，localStorage（也是 sessionStorage）不会存储在与域 api.abc.com 相关的存储中。如果是这种情况，通过使用 localStorage 使用库的 CDN 版本，您将必须与使用此库的所有其他网站共享存储。

One good solution could be to use an iframe with postMessage as explained in the following stack overflow: use localStorage across subdomains

一个好的解决方案可能是使用带有 postMessage 的 iframe，如以下堆栈溢出中所述： 跨子域使用 localStorage

You might try this cross-storagefrom Zendesk. Basically, There are hubs and clients:

您可以从 Zendesk尝试这种跨存储。基本上，有集线器和客户端：

• hubs: reside on any server, interact directly with LocalStorage API

• clients: load the hub using an embedded iframe, and post messages, interact with data

• 集线器：驻留在任何服务器上，直接与 LocalStorage API 交互

• 客户端：使用嵌入式 iframe 加载集线器，发布消息，与数据交互

Key things is you can configure the permission (get, set, delete) that each host or domain client could have. The library is divided into two types of components: hubs and clients.

关键是您可以配置每个主机或域客户端可能拥有的权限（获取、设置、删除）。该库分为两种类型的组件：集线器和客户端。

Care should be made to limit the origins of the bidirectional communication. As such, when initializing the hub, an array of permissions objects is passed. Any messages from clients whose origin does not match the pattern are ignored, as well as those not within the allowed set of methods. The set of permissions are enforced thanks to the same-origin policy. However, keep in mind that any user has full control of their local storage data - it's still client data. This only restricts access on a per-domain or web app level.

应注意限制双向通信的来源。因此，在初始化集线器时，会传递一组权限对象。来自源与模式不匹配的客户端的任何消息都将被忽略，以及那些不在允许的方法集中的消息。由于同源策略，这组权限得以强制执行。但是，请记住，任何用户都可以完全控制他们的本地存储数据——它仍然是客户端数据。这仅限制每个域或 Web 应用程序级别的访问。