By default, browsers have built-in protection mechanisms for preventing cross-domain script execution, mainly because of various security vulnerabilities.
The jQuery postMessage plugin allows scripts hosted on different domains and loaded on the page via an iframe to be executed without posting any security threat or being blocked by the client's browser.
The plugin relies on the window.postMessage method for safe cross-domain frame communication, and falls back to document.location.hash in (ancient) browsers where this method is still not supported.
Docs and simple demos are included with the plugin's package.
What is new in this release:
- Improved cache-busting.
Requirements:
- JavaScript enabled on client side
- jQuery 1.3.2 or higher
Comments not found