Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Working with multiple domains
Search
Kristian PD
September 13, 2012
Programming
3
120
Working with multiple domains
Brief overview of many considerations related to dealing with multiple domains.
Kristian PD
September 13, 2012
Tweet
Share
More Decks by Kristian PD
See All by Kristian PD
batman.js state of the union
kristianpd
1
160
Other Decks in Programming
See All in Programming
[初登壇@jAZUG]アプリ開発者が気になるGoogleCloud/Azure+wasm/wasi
asaringo
0
130
アンドパッドの Go 勉強会「 gopher 会」とその内容の紹介
andpad
0
260
エラーって何種類あるの?
kajitack
5
310
つよそうにふるまい、つよい成果を出すのなら、つよいのかもしれない
irof
1
300
Result型で“失敗”を型にするPHPコードの書き方
kajitack
4
380
Julia という言語について (FP in Julia « SIDE: F ») for 関数型まつり2025
antimon2
3
980
来たるべき 8.0 に備えて React 19 新機能と React Router 固有機能の取捨選択とすり合わせを考える
oukayuka
2
860
第9回 情シス転職ミートアップ 株式会社IVRy(アイブリー)の紹介
ivry_presentationmaterials
1
240
Deep Dive into ~/.claude/projects
hiragram
8
1.5k
git worktree × Claude Code × MCP ~生成AI時代の並列開発フロー~
hisuzuya
1
480
Java on Azure で LangGraph!
kohei3110
0
170
なぜ適用するか、移行して理解するClean Architecture 〜構造を超えて設計を継承する〜 / Why Apply, Migrate and Understand Clean Architecture - Inherit Design Beyond Structure
seike460
PRO
1
690
Featured
See All Featured
Visualization
eitanlees
146
16k
The Cult of Friendly URLs
andyhume
79
6.5k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
eileencodes
26
2.9k
Optimising Largest Contentful Paint
csswizardry
37
3.3k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
181
53k
Balancing Empowerment & Direction
lara
1
370
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
20
1.3k
Why Our Code Smells
bkeepers
PRO
337
57k
Thoughts on Productivity
jonyablonski
69
4.7k
A Modern Web Designer's Workflow
chriscoyier
694
190k
Six Lessons from altMBA
skipperchong
28
3.8k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
138
34k
Transcript
WORKING WITH multiple DOMAINS Tuesday, 18 September, 12
What do we want to do? Tuesday, 18 September, 12
What do we want to do? track customers Tuesday, 18
September, 12
What do we want to do? track customers get external
content Tuesday, 18 September, 12
What do we want to do? track customers get external
content update data in realtime Tuesday, 18 September, 12
What can we use? Tuesday, 18 September, 12
What can we use? cookies Tuesday, 18 September, 12
What can we use? cookies pixels Tuesday, 18 September, 12
What can we use? cookies iframes pixels forms Tuesday, 18
September, 12
What can we use? cookies jsonp cors iframes pixels forms
Tuesday, 18 September, 12
can’t we all just get along? Tuesday, 18 September, 12
the internet is a mean place Tuesday, 18 September, 12
same origin policy Tuesday, 18 September, 12
http://shop.myshopify.com/admin Tuesday, 18 September, 12
http://shop.myshopify.com/admin protocol host (port) MUST MATCH Tuesday, 18 September, 12
it’s not that bad Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https Tuesday, 18 September, 12
http != https proxy Tuesday, 18 September, 12
<iframe> http != https Tuesday, 18 September, 12
<iframe> http != https http + https = Tuesday, 18
September, 12
<iframe> http != https http + https = https +
http = Tuesday, 18 September, 12
protocol independent URL http != https //shop.myshopify.com Tuesday, 18 September,
12
how can we use this? Tuesday, 18 September, 12
COOKIES Tuesday, 18 September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; cookie data REVIEW Tuesday,
18 September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; domain REVIEW Tuesday, 18
September, 12
Set-Cookie: foo=bar; Domain=.myshopify.com; Path=/; Expires=Fri, 14-Sep-2020; expiry REVIEW Tuesday, 18
September, 12
Set-Cookie: session_id=abc123; Domain=shop.myshopify.com; Path=/admin; Secure; HttpOnly https only REVIEW Tuesday,
18 September, 12
Set-Cookie: session_id=abc123; Domain=shop.myshopify.com; Path=/admin; Secure; HttpOnly no javascript REVIEW Tuesday,
18 September, 12
3rd party cookies Tuesday, 18 September, 12
3rd party cookies can be disabled Tuesday, 18 September, 12
<iframe> + <form> POST HACK Tuesday, 18 September, 12
cross-domain ...asynchronously Tuesday, 18 September, 12
JSONP JSON with Padding Tuesday, 18 September, 12
JSONP browser requests Tuesday, 18 September, 12
server renders JSON with Padding JSONP Tuesday, 18 September, 12
javascript is returned JSONP Tuesday, 18 September, 12
CORS Cross-origin-resource-sharing Tuesday, 18 September, 12
CORS Access-Control-Allow-Origin: https://shop.myshopify.com Tuesday, 18 September, 12
Access-Control-Allow-Headers: GET, POST, PUT, DELETE Content-Type: application/json CORS Access-Control-Allow-Origin: https://shop.myshopify.com
Tuesday, 18 September, 12
postMessage Tuesday, 18 September, 12
postMessage sending Tuesday, 18 September, 12
postMessage sending Reference to the other window Tuesday, 18 September,
12
postMessage sending Data you want to send Tuesday, 18 September,
12
postMessage sending Origin of the target window Tuesday, 18 September,
12
postMessage sending Origin of the target window be explicit, avoid
* Tuesday, 18 September, 12
postMessage receiving Tuesday, 18 September, 12
postMessage receiving be explicit, avoid * Tuesday, 18 September, 12
thanks Tuesday, 18 September, 12
kristianpd
asaringo
andpad
kajitack
irof
antimon2
oukayuka
ivry_presentationmaterials
hiragram
hisuzuya
kohei3110
seike460
eitanlees
andyhume
eileencodes
csswizardry
soudai
lara
honnibal
bkeepers
jonyablonski
chriscoyier
skipperchong
