I'd like to make a web service call from http://www.somedomain to https://www.somedomain
Without going to the trouble of setting up a test, could someone confirm if this will be considered the same origin?
My assumption is that this will be fine, seeing as cookies are shared successfully in this situation.
I'd like to make a web service call from http://www.somedomain. to https://www.somedomain.
Without going to the trouble of setting up a test, could someone confirm if this will be considered the same origin?
My assumption is that this will be fine, seeing as cookies are shared successfully in this situation.
Share Improve this question asked Nov 11, 2011 at 10:58 ScottEScottE 21.6k19 gold badges96 silver badges131 bronze badges2 Answers
Reset to default 5No, it wont work the url needs the same domain and the same protocol see http://en.wikipedia/wiki/Same_origin_policy
No, it is not same origin.
Perhaps you can configure your server to accept either http or https call? If this is the case you can use protocol relative urls to make your requests use whatever protocol you are already using.
reqUrl = "//www.somedomain."
By the way, it is usually not correct to make a httrps call from an http page. The initial http page makes you lose all securty the https would give since there is no way to authenticate the page has been served correctly and is running the intended scripts instead of something evil.