I have an intranet site kiosk that needs to open up a popup to another website at a different domain. I want to be able to know whether they are actively working with that popup, and if not, close it after a time period.
I need to access the popup.document after window.open JS command. Due to cross domain protection and same origin policy I cannot.
Google chrome can turn this off explicitly with the flag --disable-web-security. I've tried using The Answer here but it doesn't seem to work. I get "Access Denied" when debugging in visual studio. Currently using IE10.
TL;DR How can I access a popup document object opened with javascript window.open and disable IE10's same origin policy explicitly for a trusted site.
I do not have access to modify anything on the other sites server, it is a partnership site. Also, I have tried going into the security tab and turning off protected mode and enabling all the settings (disabling Xss filter) for internet/intranet/trusted sites. It does not work.
Nobody is reading this question. I DO NOT HAVE ACCESS CHANGE THE OTHER SITE the two that are being voted up both assume I do. If I could change the other site, this would be easy. This is a browser security setting question.
http://blog.cakemail.com/the-iframe-cross-domain-policy-problem/
Using an embeded iframe to the remote site is the simplest solution. This article mentions some IE specific js functions.