Aaronius / penpal

A promise-based library for securely communicating with iframes via postMessage.
MIT License

Compatibility v4-v5 #52

Closed Nebulis closed 4 years ago

Nebulis commented 4 years ago

Hi,

We use penpal quite a lot (thanks for the lib :)) but we recently ran into some trouble. Our model is to have one main application loading one frame (at a time) but loading frames from different endpoints depending on the use case (so basically one app, multiple frames).

We started to receive feedback that things were not working anymore. After a quick search we noticed that version 5 was released and was the cause of the issue: developers use the latest version (for instance https://unpkg.com/penpal/dist/penpal.min.js) while our application is using version 4. We asked them to downgrade to version 4 and it fixed the problem.

We didn't really care much about the issue until we decided to check the reason. As per the release page:

This need has been raised several times in the past and was a fairly common use case. While this was not a breaking change, it did require significant changes to the handshake process as described in #32 (comment) and due to the higher risk of the change I decided to include it with other breaking changes in v5 rather than adding it to v4.

Our understanding is that due to handshake process changes, v4 and v5 will never be compatible. That also means, from our point of view, that we will forever be stuck on v4 (because we can't ask all the different frame maintainers to upgrade at the same time).

Any thoughts / advice / plans on v4/v5 compatibility?
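
Added example (not part of the thread and not Penpal code): a small audit that flags `<script>` tags loading from unpkg without an exact version, which is how the frames above silently moved from v4 to v5, and without an `integrity` attribute. The sample HTML, the `4.0.0` version string and the hash placeholder are constructed for illustration.

```javascript
// Added example: audit <script> tags that load from unpkg.
// unpkg URL shape: https://unpkg.com/<package>[@<version>]/<file>
const EXACT_VERSION = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

function parseUnpkgUrl(src) {
  let url;
  try {
    // The base lets relative and protocol-relative src values parse.
    url = new URL(src, 'https://placeholder.invalid');
  } catch {
    return null;
  }
  if (url.hostname !== 'unpkg.com') return null;
  // Scoped packages look like /@scope/name@1.2.3/file.js
  const m = url.pathname.match(/^\/((?:@[^/@]+\/)?[^/@]+)(?:@([^/]+))?(\/.*)?$/);
  if (!m) return null;
  return { pkg: m[1], version: m[2] || null, file: m[3] || '' };
}

function auditScriptTags(html) {
  const findings = [];
  for (const [tag] of html.matchAll(/<script\b[^>]*>/gi)) {
    const src = (tag.match(/\bsrc\s*=\s*["']([^"']+)["']/i) || [])[1];
    const parsed = src ? parseUnpkgUrl(src) : null;
    if (!parsed) continue; // not an unpkg script
    const issues = [];
    if (parsed.version === null) {
      issues.push('no version: resolves to latest');
    } else if (!EXACT_VERSION.test(parsed.version)) {
      issues.push('range or tag, not an exact version');
    }
    // A floating URL cannot carry a stable hash, so pinning comes first.
    if (!/\bintegrity\s*=\s*["']sha(256|384|512)-/i.test(tag)) {
      issues.push('no integrity attribute');
    }
    findings.push({ src, ...parsed, issues });
  }
  return findings;
}

// Constructed sample page; the first URL is the one quoted in the issue.
const SAMPLE_HTML = `
<script src="https://unpkg.com/penpal/dist/penpal.min.js"></script>
<script src="https://unpkg.com/penpal@4/dist/penpal.min.js"></script>
<script src="https://unpkg.com/penpal@4.0.0/dist/penpal.min.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="/static/app.js"></script>`;

console.log(JSON.stringify(auditScriptTags(SAMPLE_HTML), null, 2));
```
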

Aaronius commented 4 years ago

@Nebulis, your understanding is correct. Because the underlying communication is different between v4 and v5, you can't have the parent running v5 and the child running v4 or vice-versa.

We have a similar situation to yours at Adobe. The way we handle it is we host a script on a public CDN. The authors of the HTML pages that get loaded into iframes load that script from the public CDN. Our script that we host on the public CDN contains Penpal, along with an abstraction layer on top of Penpal that provides a simplified API for our particular use case. The authors of the HTML pages interact with our specific API rather than interacting with Penpal directly. Because we control the script that's hosted on the CDN, we can upgrade the Penpal version used within that script whenever we want.

I hope that helps. I'm going to close this issue out because I don't plan on making v5 compatible with v4 or vice-versa. There's too much baggage that we would need to carry forward when I think there are better ways of handling the situation. Thanks for logging the issue though.

Nebulis commented 4 years ago

Thanks for your response and sharing. I'm not sure that in our case we could do something like this, but it still gave me ideas to explore :)