Forum Moderators: open
I'd like to do the following:
-Javascript running in domain abc.com, create an 1x1 IFRAME. The IFRAME contains a form.
-Javascript then using HTTPS POST request, to post the form data to a different domain def.com.
The question is:
-With this implementation, will the POST request get blocked by some browser, or by the firewall, in other words, is this POST request reliable?
Somebody told me that this implementation is not reliable because it can be blocked by some firewall, but I didn't think so.
I was wondering if anyone has the experiences on this can share.
Thanks.
These restictions are complicated to work around in HTTP, and I expect even more so in HTTPS.
Consider, instead, generating a form (hidden if you must keep it a secret) in your main document, and specify a target to which to send the POST data. If you need data from 'abc.com' to be sent to 'def.com' (and I assume here both of these are under yor control), the best option is to simply tell the server at 'abc.com' to send the data or tell 'def.com' to ask for it, server to server.
Ultimately, if you absolutely need the data to pass though the browser (and I still assume both are under your control), build a iframe Cross Site scripting box (as outlined and demonstrated by a nice fellow at: [tagneto.blogspot.com ]) to import the data before generating a form in your main document, which you can then target to where you want the POST data sent.
I personally use the framed Cross-domain in a major coding project. It works, though it does have a tendency to pop a couple of new windows if either of the servers is too busy to respond immediately.
Does this help you get on with your project?
Thanks for your reply. It's very helpful
