easyXSS

Please see easyXDM for updated info!

I’ve just completed the first version of my cross-site scripting library easyXSS. It is available at http://code.google.com/p/easyxss/ under a MIT-license.

As it is now it supports simple messaging between windows of different domains, but it also supports proxying method calls and results between them making it well-suited for creating API’s.

I’ve prepared several examples and demo’s at http://code.google.com/p/easyxss/ and look forward to getting feedback!

To show you a quick example, here is the code needed to have a method ‘doMagic’ that is located on domainA available in a window from domainB.

This is placed in the document api.html at domainA

var channel = easyXSS.createChannel({
onReady: function(){
remote = easyXSS.createInterface(channel, {
local: {
doMagic: _privateMethodDoingMagic
}
});
}
});

and this is placed in the document at domainB

var remote;
var channel = easyXSS.createChannel({
local: "/hash.html",
remote: "http://domaina.com/api.html",
onReady: function(){
remote = easyXSS.createInterface(channel, {
remote: {
doMagic: {}
}
});
}
});

The medhod doMagic can now be called from domainB using

remote.doMagic('argument1',2,'three',function(result){
// Consume the result
});
Bookmark and Share

Tags: , , , ,

This entry was posted on Wednesday, June 24th, 2009 at 18:39 and is filed under Uncategorized, easyXDM, programming. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

«
»

View Comments to “easyXSS”

  1. Oliver Nassar Says: July 29th, 2009 at 22:10

    Take a look at this:
    http://neil.fraser.name/news/2009/07/27/

    Might be relevant to you for easyXSS

  2. oyvind.kinsey Says: July 29th, 2009 at 22:22

    The library does not use JSONP, but thanks anyway :)
    Btw, I am already aware of this issue.

  3. Oliver Nassar Says: July 29th, 2009 at 22:31

    Haha:
    “Btw, I am already aware of this is issue.” comes off pretty strangely.
    Anyway, best of luck.

  4. oyvind.kinsey Says: July 29th, 2009 at 22:36

    Not quite following you there, what I ment was that I know about the issue with JSONP – I was not trying to be rude in any way :)

  5. ebeworld Says: August 13th, 2009 at 23:26

    Hi there, I am trying to let iframe and its container to communicate and it doesn’t work quite as expected. Would you provide an example?

  6. oyvind.kinsey Says: August 13th, 2009 at 23:54

    The project recently changed its name to easyXDM (to avoid the whole XSS thing) and has gone through a few revisions, its currently at 1.5.
    You can find an extensive documentation and several examples showcasing container/iframe communication at http://easyxdm.net/docs. Hope this helps!

Leave a Reply

blog comments powered by Disqus