| Tip 31 | Talking across Domains |
Client-side web applications have traditionally been restricted from talking directly to scripts on other domains—a restriction designed to protect users. This is known as the same-origin policy,[75] and while it protects users, it makes our work more difficult if we have legitimate reasons to make two separate sites communicate. There are numerous clever ways around this restriction, including the use of server-side proxies and URL hacks. But now there’s a better way.
Cross-Document Messaging, or Web Messaging,[76] is an API that makes it possible for scripts hosted on different domains to pass messages back and forth. For example, we can have a form on http://support.awesomecompany.com post content to another window ...
Get HTML5 and CSS3, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
