javascript SECURITY_ERR:在两个站点上应用 document.domain 时出现 DOM 异常 18。我该如何解决?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10034431/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
SECURITY_ERR: DOM Exception 18 when applying document.domain on both sites. How do I resolve this?
提问by user717236
I have a page at an internal server, server1.mydomain.com/page.jsp and another page at a different internal server, 10.x.x.x:8081/page.aspx.
我在内部服务器 server1.mydomain.com/page.jsp 上有一个页面,在不同的内部服务器上有另一个页面 10.xxx:8081/page.aspx。
On server1.mydomain.com, I set document.domain in page.jsp like this:
在 server1.mydomain.com 上,我在 page.jsp 中设置了 document.domain,如下所示:
//page.jsp on server1.mydomain.com
document.domain = document.domain;
When I issue an alert on document.domain, it comes up as server1.mydomain.com.
当我在 document.domain 上发出警报时,它显示为 server1.mydomain.com。
On the 10.x.x.x server, I set document.domain in page.aspx, as a result, like this:
在10.xxx服务器上,我在page.aspx中设置了document.domain,结果如下:
//page.aspx on 10.x.x.x
document.domain = "server1.mydomain.com";
// test if same-origin policy violation occurs
document.getElementById("div_el").innerHTML = window.top.location.href;
In Safari 5.1.5, an error pops up on the console:
在 Safari 5.1.5 中,控制台弹出错误:
SECURITY_ERR: DOM Exception 18: An attempt was made to break through the security policy of the user agent."
From what I understand, when you set document.domain, the port number is set to null; so, you have to set it on both ends, which I did. Then, this error occurs and I'm scratching my head why. Does this have anything to do with the fact I'm using 10.x.x.x and not an actual domain name?
据我了解,当你设置document.domain时,端口号设置为null;所以,你必须在两端设置它,我做到了。然后,发生此错误,我正在挠头。这与我使用的是 10.xxx 而不是实际域名的事实有关吗?
Thank you.
谢谢你。
回答by
You can only use document.domainto change from a more specific sub domain to a less specific domain. Like...
您只能用于document.domain从更具体的子域更改为不太具体的域。喜欢...
console.log(document.domain); // server1.mydomain.com
document.domain = 'mydomain.com'
console.log(document.domain); // mydomain.com
It can't be used to set to a more specific sub domain or to an entirely different domain.
它不能用于设置为更具体的子域或完全不同的域。
回答by Pointy
You can only set document.domainto its current value or to a super-domain of the current setting. Thus, a page at "foo.something.com" can set it to "something.com", but not "something.else.com".
您只能设置document.domain为其当前值或当前设置的超域。因此,位于“foo.something.com”的页面可以将其设置为“something.com”,而不是“something.else.com”。
