Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Working with multiple domains
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Kristian PD
September 13, 2012
Programming
3
130
Working with multiple domains
Brief overview of many considerations related to dealing with multiple domains.
Kristian PD
September 13, 2012
Tweet
Share
More Decks by Kristian PD
See All by Kristian PD
batman.js state of the union
kristianpd
1
160
Other Decks in Programming
See All in Programming
副作用をどこに置くか問題:オブジェクト指向で整理する設計判断ツリー
koxya
1
600
The Past, Present, and Future of Enterprise Java
ivargrimstad
0
540
Fluid Templating in TYPO3 14
s2b
0
130
AI時代のキャリアプラン「技術の引力」からの脱出と「問い」へのいざない / tech-gravity
minodriven
21
7.1k
今こそ知るべき耐量子計算機暗号(PQC)入門 / PQC: What You Need to Know Now
mackey0225
3
370
CSC307 Lecture 08
javiergs
PRO
0
670
Architectural Extensions
denyspoltorak
0
280
AI前提で考えるiOSアプリのモダナイズ設計
yuukiw00w
0
220
Package Management Learnings from Homebrew
mikemcquaid
0
210
AIで開発はどれくらい加速したのか?AIエージェントによるコード生成を、現場の評価と研究開発の評価の両面からdeep diveしてみる
daisuketakeda
1
2.4k
プロダクトオーナーから見たSOC2 _SOC2ゆるミートアップ#2
kekekenta
0
200
ぼくの開発環境2026
yuzneri
0
190
Featured
See All Featured
Side Projects
sachag
455
43k
Building Applications with DynamoDB
mza
96
6.9k
AI Search: Where Are We & What Can We Do About It?
aleyda
0
6.9k
RailsConf 2023
tenderlove
30
1.3k
Discover your Explorer Soul
emna__ayadi
2
1.1k
Six Lessons from altMBA
skipperchong
29
4.1k
Stop Working from a Prison Cell
hatefulcrawdad
273
21k
How GitHub (no longer) Works
holman
316
140k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
66
36k
Product Roadmaps are Hard
iamctodd
PRO
55
12k
[SF Ruby Conf 2025] Rails X
palkan
1
740
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
110
Transcript
WORKING WITH multiple DOMAINS Tuesday, 18 September, 12
What do we want to do? Tuesday, 18 September, 12
What do we want to do? track customers Tuesday, 18
September, 12
What do we want to do? track customers get external
content Tuesday, 18 September, 12
What do we want to do? track customers get external
content update data in realtime Tuesday, 18 September, 12
What can we use? Tuesday, 18 September, 12
What can we use? cookies Tuesday, 18 September, 12
What can we use? cookies pixels Tuesday, 18 September, 12
What can we use? cookies iframes pixels forms Tuesday, 18
September, 12
What can we use? cookies jsonp cors iframes pixels forms
Tuesday, 18 September, 12
can’t we all just get along? Tuesday, 18 September, 12
the internet is a mean place Tuesday, 18 September, 12
same origin policy Tuesday, 18 September, 12
http://shop.myshopify.com/admin Tuesday, 18 September, 12
http://shop.myshopify.com/admin protocol host (port) MUST MATCH Tuesday, 18 September, 12
it’s not that bad Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https proxy Tuesday, 18 September, 12
<iframe> http != https Tuesday, 18 September, 12
<iframe> http != https http + https = Tuesday, 18
September, 12
<iframe> http != https http + https = https +
http = Tuesday, 18 September, 12
protocol independent URL http != https //shop.myshopify.com Tuesday, 18 September,
12
how can we use this? Tuesday, 18 September, 12
COOKIES Tuesday, 18 September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; cookie data REVIEW Tuesday,
18 September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; domain REVIEW Tuesday, 18
September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; expiry REVIEW Tuesday, 18
September, 12
Set-Cookie: session_id=abc123; Domain=shop.myshopify.com; Path=/admin; Secure; HttpOnly https only REVIEW Tuesday,
18 September, 12
Set-Cookie: session_id=abc123; Domain=shop.myshopify.com; Path=/admin; Secure; HttpOnly no javascript REVIEW Tuesday,
18 September, 12
3rd party cookies Tuesday, 18 September, 12
3rd party cookies can be disabled Tuesday, 18 September, 12
<iframe> + <form> POST HACK Tuesday, 18 September, 12
cross-domain ...asynchronously Tuesday, 18 September, 12
JSONP JSON with Padding Tuesday, 18 September, 12
JSONP browser requests Tuesday, 18 September, 12
server renders JSON with Padding JSONP Tuesday, 18 September, 12
javascript is returned JSONP Tuesday, 18 September, 12
CORS Cross-origin-resource-sharing Tuesday, 18 September, 12
CORS Access-Control-Allow-Origin: https://shop.myshopify.com Tuesday, 18 September, 12
Access-Control-Allow-Headers: GET, POST, PUT, DELETE Content-Type: application/json CORS Access-Control-Allow-Origin: https://shop.myshopify.com
Tuesday, 18 September, 12
postMessage Tuesday, 18 September, 12
postMessage sending Tuesday, 18 September, 12
postMessage sending Reference to the other window Tuesday, 18 September,
12
postMessage sending Data you want to send Tuesday, 18 September,
12
postMessage sending Origin of the target window Tuesday, 18 September,
12
postMessage sending Origin of the target window be explicit, avoid
* Tuesday, 18 September, 12
postMessage receiving Tuesday, 18 September, 12
postMessage receiving be explicit, avoid * Tuesday, 18 September, 12
thanks Tuesday, 18 September, 12
kristianpd
koxya
ivargrimstad
s2b
minodriven
mackey0225
javiergs
denyspoltorak
yuukiw00w
mikemcquaid
daisuketakeda
kekekenta
yuzneri
sachag
mza
aleyda
tenderlove
emna__ayadi
skipperchong
hatefulcrawdad
holman
akihiro_kokubo
iamctodd
palkan
sabderemane
