Sub domain workaround with Chrome

Currently it is possible to use all features for the same domain also on a sub domain by settings document.domain in the parent and the iframe page.

You can read the description how this is configured on the “External workaround” tab.

Chrome will disable modifying `document.domain` to relax the same-origin policy in version 109 right now.

You can see the details here: https://developer.chrome.com/blog/immutable-document-domain/

Solution

1. Use ai_external.js

So currently I recommend to switch to the normal external workaround where you have to include the ai_external.js to the page in the iframe. In the free version then still the auto height is supported. In the pro version you will get even more features like shown here.

2. Use the “Origin-Agent-Cluster” header

If you still want to use document.domain you need to send the header like described in the blog of chrome.

2 options do do this are:

1. Setting the header in php

Add the following line to all pages in the iframe before any HTML is returned! This means before the <html> tag is sent!

<?php
  header('Origin-Agent-Cluster: ?0');
?>

2. Setting the header on the server

Set the header e.g. in Apache in a .htaccess file. Create a .htaccess file or modify the existing one on the server that contains the iframe and add the following line there:

Header set Origin-Agent-Cluster "?0"

Summary

Right now this settings are not tested as the Chrome beta 109 will be released 1st December 2022. The final release for 109 is planned for the 10th of January 2023.
Right now I do not have a SSL certificate for sub domains for tinywebgallery.com as so far it was not needed and it would double the monthly hosting fees.

I will check in December how I can test this properly.

To be on the save side please already switch to the ai_external.js

Best regards,

Michael