Same Origin Policy and Displaying external websites in Modalbox

What is Same origin policy

In computing, the same origin policy is an important security measure for client-side scripting (mostly JavaScript). The policy dates from Netscape Navigator 2.0, with necessary coverage fixes in Navigator 2.01 and Navigator 2.02. It prevents a document or script loaded from one “origin” from getting or setting properties of a document from a different “origin”.

Read more about SOP:

• http://en.wikipedia.org/wiki/Same_origin_policy
• http://taossa.com/index.php/2007/02/08/same-origin-policy/

How to overcome SOP

One of the ways to overcome SOP is to use so called ‘proxy’ on your server side. “Read more about proxy”: http://ajaxpatterns.org/archive/Cross-Domain_Proxy.php.

For example, it might look like

var url = '/proxy?url=' + encodeURIComponent('http://www.google.com/search?q=Prototype'); // notice the use of a proxy to circumvent the Same Origin Policy.

Read more and examples:

• http://prototypejs.org/api/ajax/request
• http://sourceforge.net/projects/php-proxy/