Mone
11-09-2006, 05:12 PM
Opera has a strange behavior dealing with cross-frame scripting.
Even if some browsers have "not-so-strict" rules (ie IE6), we can say that a way to make "cross-frame scripting" compatible with most browsers, is to follow mozilla's rules (http://www.mozilla.org/projects/security/components/jssec.html#sameorigin), which IMO make a lot of sense.
The problem is that while in mozilla-based browser the access between http://www.company.com/ and http://www.company.com:8000/ can be authorized setting in both pages document.domain = "company.com"in Opera browsers this is not true, accesses between those pages will throw security exception. Actually there is no known work-around, so to mantain compatibility with Opera browsers you need to bind LS server and web server to the same port and so on different machines.
Even if some browsers have "not-so-strict" rules (ie IE6), we can say that a way to make "cross-frame scripting" compatible with most browsers, is to follow mozilla's rules (http://www.mozilla.org/projects/security/components/jssec.html#sameorigin), which IMO make a lot of sense.
The problem is that while in mozilla-based browser the access between http://www.company.com/ and http://www.company.com:8000/ can be authorized setting in both pages document.domain = "company.com"in Opera browsers this is not true, accesses between those pages will throw security exception. Actually there is no known work-around, so to mantain compatibility with Opera browsers you need to bind LS server and web server to the same port and so on different machines.