I am having two domains.One is secured and the other is not.Currently,when the user submits form data i redirect the the user to this secure website to collect further details.This redirection is made secure by means of cross domain cookies.
Now,instead of redirecting to the secure page i am planning to load the secure page in an iframe.But i am not aware of the security measures to be taken up to secure this communication via iframe.How to ensure that this communication is secured?Will setting cross-domain cookies solve the problem?
I send a pixel request from non-secure to secure site,which inturn drops a cookie with its domain and sends back the pixel as mean of successful response. Now when the real request comes from non-secure site, i check for the cookie and it’s domain therby creating a secure environment and also made the page in secure site a one time vist page.