Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


How do I get one form to post data to another form on a different domain?

Posted on 2013-01-10
Medium Priority
Last Modified: 2013-01-11
I have a form on siteA.com that has an iframe to an upload form on siteB.com.

When the user submits the form on siteB.com I need it to grab the data from one of the fields and put it into a field on the siteA.com form.

This use to work under IIS by putting this javascript on siteA.com:

function hello(string){
   var name=string

however, we recently had to move to Tomcat and now this cross domain scripting no longer works.

We've enabled the cross domain scripting on the Tomcat server.

Any suggestions would be appreciated.
Question by:Donnie Walker
LVL 18

Expert Comment

ID: 38764476
How much control do you have over code on the two sites?

In the submit routine of the form in the iFrame... make it fire a tracking pixel before it submits the form... this tracking pixels hits SiteA with the parameter you need to use.

var oBody = document.getElementsByTagName('BODY').item(0);
var oImg= document.createElement("img");
oBody.appendChild( oImg);

Open in new window

Now create "catchpage" so that it places the value into a cookie.

Now update your page that contains the iFrame so that it listens for an "onblur" of the iFrame (so it will catch that the iFrame was posted).  This onblur event triggers SiteA's page to retrieve the value from the cookie and do with it whatever you please.
LVL 12

Expert Comment

by:sivagnanam chandrakanth
ID: 38766270
you can also use jsonp if you want to pass information via JS


Author Comment

by:Donnie Walker
ID: 38767117
jsonp looks promising.

Do you have a working code sample?

Something that shows how to set it up on the iframed siteB.com so that when the user submits the form it puts the field value somewhere and then something that shows how siteA.com gets the data?
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 36

Expert Comment

ID: 38767146
If SiteA.com and SiteB.com are on two different actual domains, then I'm surprised that the IIS approach ever worked unless it worked many years ago. Most browsers stopped allowing cross-site scripting (XSS) several years ago.

sivagnanam_c's suggestion isn't bad, but JSONP relies on script injection, which may not always work later on (assuming browser security changes continue the way they are going). I've personally stayed away from JSONP for that reason - I don't want to revisit things down the road.

nap0leon's suggestion is better, IMO, but if you have control over both domains and both have the same top/root domain, you can set the document.domain property in Javascript to the same value on both sides and it will allow the type of scripting you were using before.

So page in SiteA:
<script type="text/javascript">document.domain = "SiteA.com</script>

Page in SiteB:
<script type="text/javascript">document.domain = "SiteA.com</script>

Now they should be able to communicate page-to-page using Javascript and iFrames. You would need to specify the path to the iframe to access the right document and its elements, too.

This might work for completely different domains, but I'm not sure (I doubt it).

The most long-term and reliable solution is to simply pass in parameters via the query string by setting the iframe's src when you want to add a parameter:

1. You want to set field1 on www.siteB.com/form.php (contained in an iframe)

2. Site A sets the iframe src to www.siteB.com/form.php?field1=value

3. The form.php on Site B reads the parameters, sets the value in the form (and saves it into a session so that further form fields can be set with subsequent calls), and then displays the updated form.

It's a tiny bit slower, but far more reliable than any other method and isn't at risk for any kind of deprecation in the near future because it uses good ol' standard calls.

Author Comment

by:Donnie Walker
ID: 38767220
Well, the situation is this.

siteA.com is not capable of running anything other than javascript...but I need the ability to upload files via a form and get the file name into a field on siteA.com.

so siteB.com runs a php upload via a form and this page is in an iframe on siteA.com.

Previously, by putting this in the header of siteA.com:

function upload(string){
   var name=string

 I was able to grab the field that put the upload file name from siteB.com into the form on siteA.com into text field "VAR20".

But this was with cross domain scripting allowed and when siteA.com was on an IIS server.

For some reason when we moved to Tomcat on siteA.com this stopped working even with a cross domain scripting policy XML on Tomcat.

I've added <script type="text/javascript">document.domain = "SiteA.com</script> to the header of both sites and it still does not post the file name to the other form.

I'm open to anything.
LVL 36

Expert Comment

ID: 38767294
I see, so SiteA.com is the parent frame, and SiteB.com is the child / iframe. The values are coming from a PHP upload in SiteB.com and those values need to go into the static form in the parent frame (SiteA.com).

Also, I screwed up with the code I sent and missed an ending quote and semicolon. It should be:

<script type="text/javascript">document.domain = "SiteA.com";</script>

Are siteA and siteB part of the same root domain, like siteA = www.mydomain.com and siteB = uploads.mydomain.com ? Or are they completely separate domains like mydomain.com and yourdomain.com ?

How is the form on Site A processed if nothing but Javascript is allowed?

Author Comment

by:Donnie Walker
ID: 38767326
siteA.com runs some specialized code called "Datatel".  Not sure how it works but it is all form based.

siteA and siteB are part of the same root domain. Example: (siteA = datatel.college.edu and siteB = web.college.edu even though they are on different virtual servers).

when a user clicks the upload/submit button on the form on siteB this runs:


and then this code:

function upload(string){
   var name=string

picks up the value and puts it into a text file called VAR20.

Like I said, this worked fine before we switched to Tomcat on siteA.com.
LVL 36

Expert Comment

ID: 38767415
Different virtual servers are fine. If they're part of the same root domain, then you're in luck - the document.domain approach will definitely work.

After setting that document.domain to "college.edu" in both sites, have site B's code use this syntax to set fields in site A:

parent.document.getElementById("fieldname").value = "new value";
LVL 36

Accepted Solution

gr8gonzo earned 2000 total points
ID: 38767425
Actually, don't change the site B code yet - just set the document.domain on both pages and see if the old code runs as expected.

Author Closing Comment

by:Donnie Walker
ID: 38767749
That fixed it. I must of had it cached. Thanks!

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article discusses how to create an extensible mechanism for linked drop downs.
Today, the web development industry is booming, and many people consider it to be their vocation. The question you may be asking yourself is – how do I become a web developer?
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses
Course of the Month14 days, 22 hours left to enroll

577 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question