Using HTML5 postMessage For a Secured Cross Domain Communication and Rendering

In the previous post, we covered how easy it is to build an environment where anyone can write in HTML, CSS, JS code that gets rendered and displayed in a sandbox (iframe) in realtime. It’s all good as long as the platform is restricted to yourself, but when it becomes open, i.e., when others can create testcases or use it for some other purpose as on CSSDeck, you need to start thinking about security.

Continue reading “Using HTML5 postMessage For a Secured Cross Domain Communication and Rendering”