How do I get one form to post data to another form on a different domain?

I have a form on that has an iframe to an upload form on

When the user submits the form on I need it to grab the data from one of the fields and put it into a field on the form.

This use to work under IIS by putting this javascript on

function hello(string){
   var name=string

however, we recently had to move to Tomcat and now this cross domain scripting no longer works.

We've enabled the cross domain scripting on the Tomcat server.

Any suggestions would be appreciated.
Donnie WalkerAsked:
Who is Participating?
gr8gonzoConnect With a Mentor ConsultantCommented:
Actually, don't change the site B code yet - just set the document.domain on both pages and see if the old code runs as expected.
How much control do you have over code on the two sites?

In the submit routine of the form in the iFrame... make it fire a tracking pixel before it submits the form... this tracking pixels hits SiteA with the parameter you need to use.

var oBody = document.getElementsByTagName('BODY').item(0);
var oImg= document.createElement("img");
oBody.appendChild( oImg);

Open in new window

Now create "catchpage" so that it places the value into a cookie.

Now update your page that contains the iFrame so that it listens for an "onblur" of the iFrame (so it will catch that the iFrame was posted).  This onblur event triggers SiteA's page to retrieve the value from the cookie and do with it whatever you please.
sivagnanam chandrakanthTechnical LeadCommented:
you can also use jsonp if you want to pass information via JS
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

Donnie WalkerAuthor Commented:
jsonp looks promising.

Do you have a working code sample?

Something that shows how to set it up on the iframed so that when the user submits the form it puts the field value somewhere and then something that shows how gets the data?
If and are on two different actual domains, then I'm surprised that the IIS approach ever worked unless it worked many years ago. Most browsers stopped allowing cross-site scripting (XSS) several years ago.

sivagnanam_c's suggestion isn't bad, but JSONP relies on script injection, which may not always work later on (assuming browser security changes continue the way they are going). I've personally stayed away from JSONP for that reason - I don't want to revisit things down the road.

nap0leon's suggestion is better, IMO, but if you have control over both domains and both have the same top/root domain, you can set the document.domain property in Javascript to the same value on both sides and it will allow the type of scripting you were using before.

So page in SiteA:
<script type="text/javascript">document.domain = "</script>

Page in SiteB:
<script type="text/javascript">document.domain = "</script>

Now they should be able to communicate page-to-page using Javascript and iFrames. You would need to specify the path to the iframe to access the right document and its elements, too.

This might work for completely different domains, but I'm not sure (I doubt it).

The most long-term and reliable solution is to simply pass in parameters via the query string by setting the iframe's src when you want to add a parameter:

1. You want to set field1 on (contained in an iframe)

2. Site A sets the iframe src to

3. The form.php on Site B reads the parameters, sets the value in the form (and saves it into a session so that further form fields can be set with subsequent calls), and then displays the updated form.

It's a tiny bit slower, but far more reliable than any other method and isn't at risk for any kind of deprecation in the near future because it uses good ol' standard calls.
Donnie WalkerAuthor Commented:
Well, the situation is this. is not capable of running anything other than javascript...but I need the ability to upload files via a form and get the file name into a field on

so runs a php upload via a form and this page is in an iframe on

Previously, by putting this in the header of

function upload(string){
   var name=string

 I was able to grab the field that put the upload file name from into the form on into text field "VAR20".

But this was with cross domain scripting allowed and when was on an IIS server.

For some reason when we moved to Tomcat on this stopped working even with a cross domain scripting policy XML on Tomcat.

I've added <script type="text/javascript">document.domain = "</script> to the header of both sites and it still does not post the file name to the other form.

I'm open to anything.
I see, so is the parent frame, and is the child / iframe. The values are coming from a PHP upload in and those values need to go into the static form in the parent frame (

Also, I screwed up with the code I sent and missed an ending quote and semicolon. It should be:

<script type="text/javascript">document.domain = "";</script>

Are siteA and siteB part of the same root domain, like siteA = and siteB = ? Or are they completely separate domains like and ?

How is the form on Site A processed if nothing but Javascript is allowed?
Donnie WalkerAuthor Commented: runs some specialized code called "Datatel".  Not sure how it works but it is all form based.

siteA and siteB are part of the same root domain. Example: (siteA = and siteB = even though they are on different virtual servers).

when a user clicks the upload/submit button on the form on siteB this runs:


and then this code:

function upload(string){
   var name=string

picks up the value and puts it into a text file called VAR20.

Like I said, this worked fine before we switched to Tomcat on
Different virtual servers are fine. If they're part of the same root domain, then you're in luck - the document.domain approach will definitely work.

After setting that document.domain to "" in both sites, have site B's code use this syntax to set fields in site A:

parent.document.getElementById("fieldname").value = "new value";
Donnie WalkerAuthor Commented:
That fixed it. I must of had it cached. Thanks!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.