javascript - Changing document.domain to completely other domain

Question

I'm trying to prove that changing document.domain can be used only for cross scripting on the same upper level domain. For example if i will try to change document.domain to "google.com" on page which is located on www.test.com I will get a security exception in FF. Does anybody know where to locate an official proof of that?

Answer 1

Check out : developer.mozilla.org/same-origin-policy

Here is an excerpt from the site:

There is one exception to the same origin rule. A script can set the value of document.domain to a suffix of the current domain. If it does so, the shorter domain is used for subsequent origin checks. For example, assume a script in the document at http://store.company.com/dir/other.html executes the following statement:

document.domain = "company.com";

After that statement executes, the page would pass the origin check with http://company.com/dir/page.html. However, by the same reasoning, company.com could not set document.domain to othercompany.com.