I hope this question isn't too general. I am unsure where to post for advice on this otherwise:
I have an HTML5 application living on a webpage (to be specific, it's a webGL game published from Unity3D). I want to check the URL the game runs from and if it doesn't match a pre-approved list of URLs, then it should "phone home" and ping a PHP file on my server, which would then record the referring URL, and possibly even email a daily summary of these referrers.
Example use-case: If someone copied the game and installed it on their own website without permission, then this would ping my server and record where the game is.
I know how to check the URL, I know how to call a URL, I know a CRON job will be necessary for the emailing, etc...
What I DON'T know and is the question here is: Is it even possible for the webGL game to silently call my own server from someone else's or will cross-domain security get in the way and block it? Or will it cause a prompt to pop up? Etc? I don't know much about this part and am trying to figure out who I will need to hire and the scope of this job. But if it's not even possible, I'd rather abandon the idea completely.
Just make sure you enable CORS in your "PHP file" here is how:
https://enable-cors.org/server_php.html
...you mentioned "phone home" IF your server is hosted on your home, make sure is accessible from the outside, you will need a static IP and to open the port(s) in the firewall if you have any.
And to answer your question: Yes it is possible to "phone home" silently.
That is what analytics tools do, take a look:
https://unity3d.com/unity/features/analytics