资 源 简 介
The xssinterface javascript library enables communication of multiple pages (or pages and iframes) via javascript functions across domain boundaries. This may be useful for websites that want to expose a limited javascript interface to embedded widgets.
xssinterface is not a library to perform XSS attacks. To the contrary, it enables javascript messaging between pages from different origins using explicit white-list authorization to prevent XSS security holes.
xssinterface works in all browsers that support the postMessage() interface and implements a fallback mechanism that works in most current browsers.
Demo-Application
Documentation
Security
BrowserIssues
WorkaroundIdeas
AutomatedTest
