CROSS-DOCUMENT MESSAGING

Cross-document messaging, sometimes abbreviated as XDM, is the ability to pass information between pages from different origins. For example, a page on www.wrox.com wants to communicate with a page from p2p.wrox.com that is contained in an iframe. Prior to XDM, achieving this communication in a secure manner took a lot of work. XDM formalizes this functionality in a way that is both secure and easy to use.

At the heart of XDM is the postMessage() method. This method name is used in many parts of HTML5 in addition to XDM and is always used for the same purpose: to pass data into another location. In the case of XDM, that other location is an <iframe> element or pop-up window owned by the page.

The postMessage() method accepts two arguments: a message and a string indicating the intended recipient origin. The second argument is very important for security reasons and restricts where the browser will deliver the message. Consider this example: