File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes General Computing and the fly likes By-passing Browser Same Origin Policy Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » General Computing
Bookmark "By-passing Browser Same Origin Policy" Watch "By-passing Browser Same Origin Policy" New topic

By-passing Browser Same Origin Policy

Alec Lee
Ranch Hand

Joined: Jan 28, 2004
Posts: 569
I want to read the content of another browser window using Javascript. I'd like to use to open any arbitrary URL (whose content I have no control) and read or send mouse event to the DOM of that window. One use of this is that I can automatically login, say, hotmail and download my emails.

But a major problem is browser normally doesn't allow this due to same origin policy. For normal HTTP request, I am able to overcome this issue by installing a proxy server (Apache) of my own so that my own Javascript code is loaded from a URL containing any hostname of my choice. e.g. I can make Apache serving all html requests under mycode/ regardless of the intended host e.g. would be served by my Apache proxy server.

But a major issue is if the URL is HTTPS:, the proxy server approach become very difficult to setup as there doesn't seem to be a way to config Apache as a reverse proxy for HTTPS.

Does anyone encountered similar issue like using Javascript to implement auto functional test framework.
I agree. Here's the link:
subject: By-passing Browser Same Origin Policy
It's not a secret anymore!