Simon Willison’s Weblog

Blogmarks tagged javascript, crossdomain in 2008

Filters: Type: blogmark × Year: 2008 × javascript × crossdomain ×


CSSHttpRequest (via) Devious cross-domain Ajax hack that uses CSS for transport (@import rules with data URIs, but it still works in IE). Similar to JSONP but safer, since JSONP can cause arbitrary JavaScript to execute. # 23rd October 2008, 6:25 pm

window.name Transport. The cleverest use of the window.name messaging hack I’ve seen yet: Dojo now has dojox.io.windowName.send for safe, performant cross-domain messaging. # 23rd July 2008, 4:25 pm

xssinterface (via) Clever JavaScript library for implementing opt-in cross-domain messaging in JavaScript (allowing communication between pages and iframes on different domains). Uses HTML 5’s postMessage API if available, otherwise falls back on either Google Gears or a clever cookie hack. # 5th March 2008, 12:08 am

Cross-Site XMLHttpRequest (via) “Firefox 3 implements the W3C Access Control working draft, which gives you the ability to do XMLHttpRequests to other web sites”—you can mark a document as available for cross-domain requests using either an Access-Control HTTP header or an XML processing instruction. # 9th January 2008, 11:57 pm