Web Messaging

__Web Messaging__ or __cross-document messaging__, is an API introduced in the WHATWG HTML5 draft specification, allowing documents to communicate with one another across different origins, or source domains while rendered in a web browser - wikipedia

- postMessage

This HTML5 technology is built into modern browsers and uses the Window.postMessage method.

# Security

Prior to HTML5, web browsers disallowed cross-site scripting, to protect against security attacks. This practice barred communication between non-hostile pages as well, making document interaction of any kind difficult.

Cross-document messaging allows scripts to interact across these boundaries, while providing a rudimentary level of security.

# Alternative * Use cookies - stackoverflow

# Sections

# See also

- developer.mozilla.org - davidwalsh.name

- Same-origin policy - Cross-origin resource sharing - Window.postMessage

- Cross-site scripting - Cross-site request forgery - Same origin policy - Cross-origin resource sharing - JSONP