0

I have 2 subdomains:

  • www.example.com = For logged in users only
  • internal.example.com = Public website

Since I use localstorage to store some informations on internal.example.com which I need on www.example.com I had implemented the following solution:

I load on www an iframe located on internal. I set on both sides the document domain value to the "parent domain"

document.domain = "example.com";

Now on www, I can access the localStorage of internal over www by doing the following:

frames['internalFrameName'].window.localStorage;

Now I can read and write values. This works in Chrome and Internetexplorer, and it worked in Firefox until the last update to FF30. Now I get the error:

SecurityError: The operation is insecure.

Any ideas how to fix it?

bernhardh
  • 2,611
  • 7
  • 32
  • 60

2 Answers2

1

You could use a messaging system to communicate between the both frames. Then the iframe can just send you the local storage data.

This might help you with that: How to communicate between iframe and the parent site?

You need to use frames['internalFrameName'].postMessage(message, targetOrigin, [transfer]);

Community
  • 1
  • 1
colburton
  • 4,559
  • 2
  • 21
  • 36
1

Gecko throws the error message when cookies are disabled so besides the object detection for localStorage (which I'm sure you're doing in the code you didn't post) first check for support for cookies.

Change:

if (window.localStorage)

To:

if (document.cookie && window.localStorage)
John
  • 10,154
  • 9
  • 79
  • 143