please dont rip this site

JavaScript: The Definitive Guide

Previous Chapter 21
JavaScript Reference
Next
 

Document.domain Property

Name

Document.domain Property---the security domain of a document

Availability

Navigator 3.0

Synopsis

document.domain

Description

The domain property of the Document object is used for security purposes when the data-tainting security model is not enabled. Under the non-tainting "default" model, a script running in one window is not allowed to read properties of another window unless that window comes from the same web server as the host. This causes problems for large web sites that use multiple servers. For example, a script on the host www.yahoo.com might want to be able to share properties with a script from the host search.yahoo.com.

The domain property helps to address this problem. Initially, this string property contains the hostname of the web server from which the document was loaded. You can set this property, but only in a very restricted way: it can only be set to a domain suffix of itself. For example, a script loaded from search.yahoo.com could set its own domain property to "yahoo.com". If a script from www.yahoo.com is running in another window, and it also sets its domain property to "yahoo.com", then these two scripts will be able to share properties, even though they did not originate on the same server.

Note, however, that a script from search.yahoo.com can't set its domain property to "search.yahoo". And, importantly, a script from snoop.direct_market.com cannot set its domain to "yahoo.com" to determine, for example, what search keywords you use.

See Also

"Document", Chapter 20, JavaScript Security


Previous Home Next
Document.cookie Book Index Document.embeds[]

HTML: The Definitive Guide CGI Programming JavaScript: The Definitive Guide Programming Perl WebMaster in a Nutshell

file: /Techref/language/java/script/definitive/refp_80.htm, 5KB, , updated: 2019/10/14 15:00, local time: 2024/11/15 02:48,
TOP NEW HELP FIND: 
18.118.28.112:LOG IN

 ©2024 These pages are served without commercial sponsorship. (No popup ads, etc...).Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE. Questions?
Please DO link to this page! Digg it! / MAKE!

<A HREF="http://linistepper.com/techref/language/java/script/definitive/refp_80.htm"> [Chapter 21] Reference: Document.domain</A>

After you find an appropriate page, you are invited to your to this massmind site! (posts will be visible only to you before review) Just type a nice message (short messages are blocked as spam) in the box and press the Post button. (HTML welcomed, but not the <A tag: Instead, use the link box to link to another page. A tutorial is available Members can login to post directly, become page editors, and be credited for their posts.


Link? Put it here: 
if you want a response, please enter your email address: 
Attn spammers: All posts are reviewed before being made visible to anyone other than the poster.
Did you find what you needed?