persistent storage across different subdomains
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I'm trying to figure out how to save data across different subdomains,
I've been researching this a lot and i'm about to give up.
The only solution that works is cookies because i can share them across subdomains but the problem is that those cookies (a bit large in size) sent on every http request to my server which causes issues with the header size.
other alternatives that i've found was the web storage (local storage/session storage ) but it's restricted with SOP , and using an embedded iframe and use postmessage to retrieve and write data is slow because the postmessage api is async which causes data retrieve/write to be slow.
I've tried setting the cookie "path" attribute to some random path and than inject an iframe with that random path and access the cookie via its contentDocument (No SOP restrictions) but again as soon as i append the iframe a network request to that path is executed and the huge header problem again... , I've also tried to use the window.history api to change the path of the document without requesting the new path but i can't access the new path cookies.
Any ideas / alternatives / before i'm giving up and switch to server side storage?
EDIT: i've also tried setting the "document.domain" to bypass the SOP restrictions but thats bad practise to load the main domain in every page just to be able to access its local storage.
javascript html cookies
add a comment |
I'm trying to figure out how to save data across different subdomains,
I've been researching this a lot and i'm about to give up.
The only solution that works is cookies because i can share them across subdomains but the problem is that those cookies (a bit large in size) sent on every http request to my server which causes issues with the header size.
other alternatives that i've found was the web storage (local storage/session storage ) but it's restricted with SOP , and using an embedded iframe and use postmessage to retrieve and write data is slow because the postmessage api is async which causes data retrieve/write to be slow.
I've tried setting the cookie "path" attribute to some random path and than inject an iframe with that random path and access the cookie via its contentDocument (No SOP restrictions) but again as soon as i append the iframe a network request to that path is executed and the huge header problem again... , I've also tried to use the window.history api to change the path of the document without requesting the new path but i can't access the new path cookies.
Any ideas / alternatives / before i'm giving up and switch to server side storage?
EDIT: i've also tried setting the "document.domain" to bypass the SOP restrictions but thats bad practise to load the main domain in every page just to be able to access its local storage.
javascript html cookies
Have you tried whether settingdocument.domain
can help with the SOP issues when it comes to local/sessionStorage?
– misorude
Nov 22 '18 at 12:19
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32
add a comment |
I'm trying to figure out how to save data across different subdomains,
I've been researching this a lot and i'm about to give up.
The only solution that works is cookies because i can share them across subdomains but the problem is that those cookies (a bit large in size) sent on every http request to my server which causes issues with the header size.
other alternatives that i've found was the web storage (local storage/session storage ) but it's restricted with SOP , and using an embedded iframe and use postmessage to retrieve and write data is slow because the postmessage api is async which causes data retrieve/write to be slow.
I've tried setting the cookie "path" attribute to some random path and than inject an iframe with that random path and access the cookie via its contentDocument (No SOP restrictions) but again as soon as i append the iframe a network request to that path is executed and the huge header problem again... , I've also tried to use the window.history api to change the path of the document without requesting the new path but i can't access the new path cookies.
Any ideas / alternatives / before i'm giving up and switch to server side storage?
EDIT: i've also tried setting the "document.domain" to bypass the SOP restrictions but thats bad practise to load the main domain in every page just to be able to access its local storage.
javascript html cookies
I'm trying to figure out how to save data across different subdomains,
I've been researching this a lot and i'm about to give up.
The only solution that works is cookies because i can share them across subdomains but the problem is that those cookies (a bit large in size) sent on every http request to my server which causes issues with the header size.
other alternatives that i've found was the web storage (local storage/session storage ) but it's restricted with SOP , and using an embedded iframe and use postmessage to retrieve and write data is slow because the postmessage api is async which causes data retrieve/write to be slow.
I've tried setting the cookie "path" attribute to some random path and than inject an iframe with that random path and access the cookie via its contentDocument (No SOP restrictions) but again as soon as i append the iframe a network request to that path is executed and the huge header problem again... , I've also tried to use the window.history api to change the path of the document without requesting the new path but i can't access the new path cookies.
Any ideas / alternatives / before i'm giving up and switch to server side storage?
EDIT: i've also tried setting the "document.domain" to bypass the SOP restrictions but thats bad practise to load the main domain in every page just to be able to access its local storage.
javascript html cookies
javascript html cookies
edited Nov 22 '18 at 12:27
avi dahan
asked Nov 22 '18 at 12:14
avi dahanavi dahan
1649
1649
Have you tried whether settingdocument.domain
can help with the SOP issues when it comes to local/sessionStorage?
– misorude
Nov 22 '18 at 12:19
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32
add a comment |
Have you tried whether settingdocument.domain
can help with the SOP issues when it comes to local/sessionStorage?
– misorude
Nov 22 '18 at 12:19
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32
Have you tried whether setting
document.domain
can help with the SOP issues when it comes to local/sessionStorage?– misorude
Nov 22 '18 at 12:19
Have you tried whether setting
document.domain
can help with the SOP issues when it comes to local/sessionStorage?– misorude
Nov 22 '18 at 12:19
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53430807%2fpersistent-storage-across-different-subdomains%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53430807%2fpersistent-storage-across-different-subdomains%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Have you tried whether setting
document.domain
can help with the SOP issues when it comes to local/sessionStorage?– misorude
Nov 22 '18 at 12:19
(If not, it should at least allow iframe access across the subdomain border, so that you would not have to use postMessage, but can access methods and properties of the document loaded into the iframe directly.)
– misorude
Nov 22 '18 at 12:20
@misorude i did read about it but that's a bit like using a bazooka to kill a fly , because i will actually load all the resources and the entire webpage of the main domain every time .
– avi dahan
Nov 22 '18 at 12:24
I don’t see the problem, it will only load what you tell it to load …? If you only want to load something from the main domain to be able to access its storage – well then don’t load your full, main document with s-loads of external scripts, stylesheets and images embedded - but only a minimal document that contains only what you need for this purpose …?
– misorude
Nov 22 '18 at 12:29
@misorude you are right ,but i'm developing a third party js library that others will use so i don't have control over the users servers
– avi dahan
Nov 22 '18 at 12:32