This link appeared in WDRL 162 on .
The pitfalls of postMessage
Mathias Karlsson shares the common pitfalls of postMessage
and why this can be a source of client-side vulnerabilities. The postMessage API is an alternative to JSONP, XHR with CORS headers and other methods enabling sending data between origins.