Why does setting document.domain require me to set it in all popups and iframes too?

Question

I'm using a long-polling iframe solution for a chat script. Unfortunately, this requires me to set document.domain='yourdomain.com' in the iframe and main document, because the iframe is a subdomain call.

The huge problem is...now all my other scripts that use popups and iframes are broken. They now require me to put document.domain in them too. It does fix it, but this is not an ideal solution at all. Is there another way around this problem?

Answer 1

Hi Chris,

JavaScript has cross-domain limitations for security issues. The ideal/simple solution is in fact defining the document.domain like you are suggesting.

There are other alternative solutions like JSONP or iFrame proxying. More info here: iFrame Cross domain JavaScript calls (second link in that page doesn't work but here's a good resource iFrame proxying jQuery).

Hope this helps.