Chapter 4. Communicating with the server

This chapter covers

  • Same-origin policy (SOP)
  • Techniques to enable cross-domain messaging around the SOP
  • Security implications associated with SOP workarounds
  • Cross-origin resource sharing (CORS)

In previous chapters you learned how to distribute, load, and render a third-party JavaScript application on the publisher’s web page. You’re off to a great start, but so far your application only has access to the predefined data embedded in your JavaScript files. Unless you’re dealing with small, unchanging datasets, at some point you’ll need to make dynamic requests for data from your servers. And if your application is collecting data, either passively or directly via user input, you’ll likely want ...

Get Third-Party JavaScript now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.