The protocol *must* be the same (if the page is https://.../ then the ajax request must also be to https://.../).
The port *must* be the same. The host name *must* have the same SLD [1], and if the subdomains are different, document.domain *must* be set to the SLD. I'm certain that this can work as I do it all the time. If you're still having trouble, could you create a page that demonstrates the problem? --Erik [1] http://en.wikipedia.org/wiki/Second-level_domain On 7/9/08, flycast <[EMAIL PROTECTED]> wrote: > > I tried setting document.domain = 'site.com'; > It works with a domain of site.com but not www.site.com. I now get the > following message: > > [Exception... "'Permission denied to call method XMLHttpRequest.open' > when calling method: [nsIDOMEventListener::handleEvent]" nsresult: > "0x8057001e (NS_ERROR_XPC_JS_THREW_STRING)" location: "<unknown>" > data: no] > > This seems to be a different problem. > > BTW...here is a Mozilla link to the issue of cross domain and the use > of document.domain: > http://www.mozilla.org/projects/security/components/same-origin.html > > > > > On Jul 9, 1:30 am, Alexsandro_xpt <[EMAIL PROTECTED]> wrote: > > Well, I thought this is security browser issue. > > > > I always solve this problem this way: > > Eg.: > > > > To ajax this:http://feedproxy.feedburner.com/undergoogle > > > > > I create > > this:http://blog.alexsandro.com.br/application/load/feedproxy.feedburner.c... > > > > -- > > Alexsandrowww.alexsandro.com.br > > > > > On 9 jul, 00:18, "Erik Beeson" <[EMAIL PROTECTED]> wrote: > > > > > Add this somewhere in your javascript: > > > > > document.domain = 'site.com'; > > > > > Google document domain > > > > > --Erik > > > > > On 7/8/08, flycast <[EMAIL PROTECTED]> wrote: > > > > > > Simple problem (I think)... > > > > > > I am new to JS and ajax. > > > > > > I am building an ajax capability on a clients site. I am running into > > > > cross domain problems. If I get the page using the url > formhttp://www.site.com > > > > but I do a load using the url form "http://site.com" (www vs. no www > > > > in the url) I get nothing but a js error. > > > > > > What is the best way to handle making sure that if the person is at > > > > the site with OR without the "www" in the url that the .load will > > > > still work? >