This project is not maintained anymore. You can still view and search the archives.

The pitfalls of postMessage

Hi, I’m Anselm Hannemann, a freelance Frontend Developer and Engineering Manager. You can hire me. I wrote WDRL for 10 years and have a a Market Garden as a side-business.

This link appeared in WDRL 162 on 09.12.2016.

The pitfalls of postMessage

Mathias Karlsson shares the common pitfalls of postMessage and why this can be a source of client-side vulnerabilities. The postMessage API is an alternative to JSONP, XHR with CORS headers and other methods enabling sending data between origins.