Hacker News new | past | comments | ask | show | jobs | submit login

I was thinking of postMessage, I haven't used CORS before but it looks like it ends up giving the same kind of outcome. In my case though I control the server have have the JS on 3rd parties so it is the reverse to what you are saying.



postMessage is more heavyweight than CORS.

Minus a couple of restrictions (i.e. with CORS you cannot rely on cookies being set, so you need to handle that from your Javascript somehow), CORS works well and it works on all major browsers, starting with IExplorer 8, which makes it awesome.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: