Exploring the journey of History.js and Same-Origin Policy leading to HTTPS encryption

Utilizing history.js, I am attempting to push a state change from an HTTP site like:

http://www.example.com/some/resource

...to a secure site (payment page), such as:

https://www.example.com/payment/for/some/resource

However, Safari is throwing this error:

SECURITY_ERR: DOM Exception 18: An attempt was made to break through the security policy of the user agent.

...when trying to push the state change with code like:

History.pushState(null, null, new_state_url);
// new_state_url = https://www.example.com/payment/for/some/resource

After investigating, I came across this Stack Overflow question, which points towards the Same Origin Policy being the issue because I am trying to push a state change across different protocols. The suggestion there was to explicitly include the full URL, but even after doing so, I still encountered the same error.

Within my project scope, I am developing a mobile version of my website and want the payment page to load seamlessly using AJAX, similar to my other page loads that utilize jQuery's $.ajax with custom animations resembling those in jQuery Mobile.

Is it feasible for me to successfully push this state change across SSL? If yes, what steps should I take?

javascriptajaxmobilesame-origin-policybrowser-history

Answer №1

Although this response may not directly address the initial query, I have encountered a similar issue in Safari while invoking window.history.replaceState repetitively. Implementing rate limiting in my function calls resolved the security error that was occurring.

Answer №2

When we talk about same origin, it's not just limited to protocols and domains but also includes the combination of protocol, domain, and port.

In your particular situation, it seems like you're facing issues with both the protocol (HTTP vs HTTPS) and ports (80 and 443).

There are several established methods to bypass the Same-Origin Policy (SOP). One approach is to assign the document.domain for both domains with the same custom string:

document.domain = "foo.com";

Another effective technique is to utilize JSONP requests across different domains using a `GET` request.

It appears that utilizing `pushState` may not be suitable for your needs. The History API enables navigation within the same domain without reloading resources while maintaining your browsing history. In this scenario where the domains are completely separate, setting the `document.location` property to the new URL (your secure signin page) would reload the page while preserving your navigational history.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Alert received upon selecting the React icon button

In the login code below, I have utilized FaEye and FaEyeSlash react icons. However, every time I click on them, a warning message pops up. To avoid this issue, I attempted to switch from using tailwindcss to normal CSS. Login.jsx import { useContext, useS ...

javascriptreactjsreact-icons

Tips for designing a versatile component to handle numerous buttons triggering form pop-ups

library used: mui 5.4.1 To implement a TableCell with an IconButton that triggers the opening of a Form, follow this code snippet. const items = [ { id: "001", name: "A", price: 2000 }, { id: "002", name: &q ...

javascriptreactjsmaterial-ui

Use Jquery to apply quotation marks within a blockquote

Here is the code I am working with: $("input[id="+id.slice(0,-1)+"-br-"+brand+"].qnt_to_cart").show(); This code generates: input[id=02620-br-FEBI BILSTEIN].qnt_to_cart However, I need it to look like this instead: input[id="02620-br-FEBI BILSTEIN"].q ...

javascriptjquery

Implementing the 'bootstrap tour' feature in a Ruby on Rails application

I have integrated bootstrap-tour.min.css and bootstrap-tour.min.js into my project. <script type="text/javascript" src='bootstrap-tour.min.js'></script> <link rel="stylesheet" type="text/css" href="bootstrap-tour.min.css"> Her ...

javascriptcssruby-on-railsrubytwitter-bootstrap

The SmoothShading feature of THREE does not alter the geometry

I am having trouble with smooth shading on my model - the polygons are still clearly visible and switching between smooth and flat shading in the three.js inspector isn't making a difference. The OBJ file contains vertex normal data, so I don't t ...

javascriptthree.js

Using AJAX to submit a form with a file to Symfony results in $form->isValid returning false

Utilizing Angular JS code, I employ a method to submit a file and additional fields (along with a CSRF token) to a Symfony controller. var formObject = new FormData; formObject.append('email', self.careers[index].application.email); formO ...

ajaxangularjsformssymfony

When registering the onHardwareBackButton event in Ionic, the back button continues to successfully navigate to the previous page

I recently started working with Ionic and encountered an issue with the onHardwareBackButton event. The event is functioning properly and directing me to the register function, but even after going to the register function, it still navigates back to the p ...

javascriptangularjscordovaionic-framework

What are the steps to utilize vue.js for dynamically adjusting my sidebar based on a URL input?

Greetings to the amazing community of Vue.js enthusiasts, I am a novice looking to develop a single-page web application using vue.js. This application will consist of a fixed header and dynamic body content that changes based on user interactions. Here&a ...

javascripthtmlcssvue.js

Select the correct ID using jQuery

I'm currently working on a project that involves creating a dynamic table populated with data from a database: //[..]Typical code to fetch data from the database //$exp_id is retrieved from the database <td><input = type = 'hidden' ...

phpjqueryajax

Elevate with Ease: Tailwind's Height Transition

I've been attempting to implement a transition effect using TailwindCSS, but I haven't found an updated version with the latest features. Here's the code snippet: <div id="fadeInElement" className={visible ? " w-2/3 px-5 t ...

javascriptcssreactjsjsxtailwind-css

Tips for sending a callback function in Angular following an HTTP request

Currently, I am leveraging an angular controller to make an http post request to my express route. Subsequently, data is dispatched to my Gmail client via nodemailer. Although the $http request functions properly and emails can be received in my Gmail acco ...

javascriptangularjsnode.jsexpress

Finding the Modular Reciprocal with JavaScript

I am attempting to find the value of d by solving the equation ed ≡ 1 mod((p-1)(q-1)), similar to the RSA algorithm. Given e = 5 and (p-1)*(q-1) = 249996 I have experimented with various Javascript code snippets, such as: function calculateModInverse( ...

javascriptalgorithmrsainversemodular-arithmetic

Leveraging the Firebase email trigger extension with JavaScript

Recently, I integrated the email trigger extension for Firebase. Below is the function I am using: firestore .collection("profiledata") .doc(user.uid) .update({ accountStatus: "active", }) .then(() => { // At this p ...

javascriptfirebasegoogle-cloud-firestore

The changing of colors does not function properly when clicked in JavaScript

I am having an issue with a drop-down list that offers two options: blue and green. When I select blue and click on the text input field, its background color alternates between blue and black (the default text field color). The same applies when I choose ...

javascriptjqueryhtmlcss

Tips on using CSS to hide elements on a webpage with display:none

<div class="span9"> <span class="disabled">&lt;&lt; previous</span><span class="current numbers">1</span> <span class="numbers"><a href="/index/page:2">2</a></span> <span class="num ...

javascriptjqueryhtmlcss

Mastering the art of looping through JSON values using AngularJS ng-repeat

Is there a way to use ng-repeat in order to iterate and access the name values: test01, test02, and test03 from my JSON data? Any guidance on how to achieve this using ng-repeat would be greatly appreciated. Thanks in advance! Check out this Fiddle link. ...

javascriptangularjsjsonangularjs-ng-repeat

Unable to locate module during deployment to Vercel platform

I have developed a website using NextJS. It functions perfectly when I run it through npm run dev, but when I try to build and deploy it on Vercel, I encounter an error stating that it cannot find the module. However, the module is found without any issues ...

javascriptgithubnext.jsvercel

The Philosophy Behind Structuring Node.js Modules

There appears to be a common understanding regarding the directory structure in node.js, but I have not come across any official documentation on this topic. Based on my exploration of open source projects, it seems that most projects typically include a ...

javascriptnode.jsdirectory-structure

How can I adjust the position of a target point in the chase camera using THREE.js?

Recently, I've delved into the world of THREE.js and decided to create a game featuring a spaceship as the main element. Utilizing a chase camera for my model, I encountered a challenge where I needed to adjust the camera's position in relation t ...

javascriptthree.js

Iterate through the entire array without including a specific item

I am struggling with looping through an array of items and applying some code to each item while excluding one specific item (the clicked-on item). I have experimented with using splice, but that method ends up removing the array item completely, whereas I ...

javascriptarraysfor-loop