Name
HTMLDocument.domain: the security domain of a document â DOM Level 0
Synopsis
String domain
Description
According to the DOM Level 2 HTML standard, the domain property is simply a read-only
string that contains the hostname of the web server from which the
document was loaded.
This property has another important use (although this use has
not been standardized). The same-origin security policy (described
in The Same-Origin Policy) prevents a script in
one document from reading the content of another document (such as a
document displayed in an <iframe>) unless the two documents
have the same origin (i.e., were retrieved from the same web
server). This can cause problems for large web sites that use
multiple servers. For example, a script on the host http://www.oreilly.com might want to read the content of
documents from the host search.oreilly.com.
The domain property helps
to address this problem. You can set this property but only in a
very restricted way: it can be set only to a domain suffix of
itself. For example, a script loaded from search.oreilly.com could set its own domain property to "http://oreilly.comâ. If a script from http://www.oreilly.com is running in another window, and it
also sets its domain property to
"http://oreilly.comâ, then each script can read
content from the other scriptâs document, even though they did not
originate on the same server. Note, that a script from search.oreilly.com cannot set its domain property to âsearch.oreillyâ or to â.comâ. ...
Get JavaScript: The Definitive Guide, 5th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
