Cross Origin - window popup (window.opener is null)

Question

What i wanted to do:

1. From parent window on user click open new window source is Third Party URL (different domain)

2. User Authenticate in Popup and then Third party submit success data on Redirect page. (Like Twitter)

3. From Child Window (PopUpWindow) i have to send data back to Parent window.

what i did

var windowReference= window.open('https://ThirdPartyURL', 'CrossDomain', 'width=840,scrollbars=yes,top=0');

window.parentMethod= function (input) {alert(input)}

window gets open in new window User gets authenticate and get returned data on Redirect Page on Redirect page (child window)

window.opener.parentMethod(response);

in Firefox its working but in IE window.opener null . Reason is cross domain . if Third party URL is in current domain then it works fine but if its cross domain windowReference gets null to get it working i have to change Internet Settings->Security->Check Enabled its almost impossible to do at every client machine.

i have tried to used Postmessage but it has support for IE10 and in IE8 and 9 it has support for Iframe where as in my case Third party has disabled IFRAME embedding.

can some one help me how to over come this issue . any help will be appreciated

Answer 1

Short answer: you can't. The cross origin policy has as a reason exactly not allowing you to do what you want (the so another site won't run js on yours and the other way around).

To get around that you need to find another way to send data (usually server side -> curl requests).