1

from http://appcachefacts.info/:

Over SSL, all resources in the manifest must respect the same-origin policy. The exception is Google Chrome, which doesn't follow the specification in this regard. Over SSL, Chrome will load resources from different origins so long as they are still served over SSL.

I would really like to load static assets like images,css and javascripts from a CDN close to the user and avoid serving them from my webserver just because i use HTTPS

Is there any way we can work arround those security limitations ?

my goal:

Main html loaded from : https://mydomain.com.

Assets loaded from : https://cdn.mydomain.com (subdomain but not same origin..)

Appcache file I use at the moment, but does not seem to work on safari and iOS iphone : 

CACHE MANIFEST


CACHE:
https://cdn.mydomain.com/main.css
https://cdn.mydomain.com/main.zepto.js

NETWORK:
/
*
Improve this question
1
  • use Cross-Origin Resource Sharing Commented Jun 6, 2015 at 8:45

1 Answer 1

Reset to default
5

Unfortunately no, Sorry actually according to http://en.wikipedia.org/wiki/Same_origin_policy currently the only browser that allows for Cross-Domain caching is Chrome and that is only because they are willfully not adhering to the same origin policy. If you want to make your offline site exclusively for chrome users you can do dual servers, otherwise you'll have to stick with one until the different browsers come up with a new policy.

If you want to get tricky you could attempt something like running a jQuery to a html file on your asset server that loads the manifest there, but I doubt that will work during offline use.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.