Skip to Main Content
Third-Party JavaScript
book

Third-Party JavaScript

by Anton Kovalyov, Ben Vinegar
March 2013
Intermediate to advanced content levelIntermediate to advanced
288 pages
9h 44m
English
Manning Publications
Content preview from Third-Party JavaScript

Chapter 5. Cross-domain iframe messaging

This chapter covers

  • The role of iframes in cross-domain messaging
  • HTML5 window.postMessage API
  • window.postMessage alternatives for legacy browsers
  • easyXDM—the cross-domain messaging library

In chapter 4 you learned about the same-origin policy—a browser security concept that prohibits pages from different origins from accessing each other’s methods and properties. You also learned a few tricks—subdomain proxies, JSONP, and CORS—that allow you to circumvent the SOP in order to send HTTP requests to your servers.

One of those solutions, subdomain proxies, used iframe elements as a means of communicating with your servers. It relied upon the fact that documents hosted inside iframes can freely communicate ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ajax: The Definitive Guide

Ajax: The Definitive Guide

Anthony T. Holdener III

Publisher Resources

ISBN: 9781617290541Publisher SupportOtherPublisher WebsiteSupplemental ContentPurchase Link