What is the difference between http://www.app.com and http://app.com
and how it affects to cross-domain policy of Ajax
I mean i added ajax request in app
$.ajax({
type: "POST",
url: "http://app.in/getToken",
contentType: "text/html",
success: function(msg) {
alert(msg);
}
});
it works in chrome but not in firefox
Whats the issue?
Thanks
See the Same Origin Policy chapter of Michal Zalewski's Browser Security Handbook. www.example.com is a different domain than example.com under same-origin policy.
As Deanna points out, scripts can communicate with each other through iframes or separate windows if the subdomain sets its document.location to the higher domain. However, setting document.location has no effect on XMLHttpRequests; the domain and subdomain cannot send XMLHttpRequests directly to each other.