Because of its modular design, Endpoint.js requires you to add a separate link for Window links of different origins. This means that-site-abc.com will have a different link and transport from this-site-xyz.com.
The way that PostMessageReaderTransport works is that it subscribes to messages on the target assigned to it. In this case, the current window. When child windows (such as iframes) post back to it, every transport will receive the same message, but transports with a different origin will ignore it:
if (this._checkOrigin) {
if (this._origin !== event.origin) {
log.log(log.DEBUG3, 'Received message from invalid origin: [Origin: %s] [Expected Origin: %s] [Message: %j]',
event.origin, this._origin, event.data);
return;
}
}
This isn't an issue if the amount of links are low, but could be a problem if there are large amounts of links/transports active. It would be better if somehow the system could recognize which transports need the incoming message based on the origin (some dictionary somewhere?) in order to improve possible performance penalties, but I don't want to sacrifice the modularity of the code, so I'm not sure how to handle this right now.
Because of its modular design, Endpoint.js requires you to add a separate link for Window links of different origins. This means that-site-abc.com will have a different link and transport from this-site-xyz.com.
The way that PostMessageReaderTransport works is that it subscribes to messages on the target assigned to it. In this case, the current window. When child windows (such as iframes) post back to it, every transport will receive the same message, but transports with a different origin will ignore it:
This isn't an issue if the amount of links are low, but could be a problem if there are large amounts of links/transports active. It would be better if somehow the system could recognize which transports need the incoming message based on the origin (some dictionary somewhere?) in order to improve possible performance penalties, but I don't want to sacrifice the modularity of the code, so I'm not sure how to handle this right now.