Issue
I've read on multiple pages that hidden iFrames are used for silent authentication, but I couldn't figure out yet why. What are the benefits to using an iFrame over directly sending a GET Request to the Identity Server?
Solution
It's a convenient way to get around the Single-Origin-Policy in the browser when we want to do cross-origin requests (across domains).
This was a popular approach when we didn't have the more modern CORS feature to get around the SOP-policy.
Answered By - Tore Nestenius Answer Checked By - Clifford M. (PHPFixing Volunteer)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.