Confusion about Chrome's same origin policy: how to get rid of it without asking the user disable security in Chrome?
Question
I am confused : I am developping a web app (HTML/CSS/JS) that loads google+ platform api scripts to create a single log on. It works in firefox but not in Chrome because of the "same origin policy" and I get the "Blocked a frame with origin..." errors.
I am not gonna expect the user to start their Chrome with an option like "--disable-web-security"... , do I ? ;-)
So I am confused : How do I get this to work with Chrome ?
For example : if I try to load :
<script type="text/javascript">
(function() {
var po = document.createElement('script'); po.type = 'text/javascript'; po.async = true;
po.src = 'https://apis.google.com/js/client:plusone.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(po, s);
})();
</script>
I get :
Blocked a frame with origin "https://apis.google.com" from accessing a frame with origin "https://boardlineapp.com". Protocols, domains, and ports must match.
1 answers
solution1
0 2014-04-08 10:14:58
检查您的域协议是否为https:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.