Window.name implementation of cross-domain data transfer

This article complements JavaScript cross-domain summaries and workarounds.

There are three pages:

A.com/app.html: Application page.
a.com/proxy.html: Proxy file, which is usually an HTML file without any content, needs and applies the page under the same domain.
B.com/data.html: The page where the application page needs to get data, which can be called a data page.

The basic steps to implement are as follows:

Create an IFRAME in the Application page (a.com/app.html) and point its SRC to the data page (b.com/data.html).
The data page attaches the data to the window.name of the IFRAME, and the data.html code is as follows:

<script type= "Text/javascript" >
Window.name = ' I was there! '; Here is the data to be transferred, the size is generally 2m,ie and Firefox can be as large as about 32M
Data formats can be customized, such as JSON, string
</script>

In the App page (a.com/app.html), listen for the onload event of the IFRAME, which sets the src of this iframe to the proxy file for the local domain (the proxy file and the app page are in the same field, so you can communicate with each other). The app.html section code is as follows:

<script type= "Text/javascript" >
var state = 0,
iframe = document.createelement (' iframe '),
LOADFN = function () {
if (state = = = 1) {
var data = Iframe.contentWindow.name; Reading data
alert (data); Eject ' I was there! '
} else if (state = = = 0) {
state = 1;
Iframe.contentWindow.location = "http://a.com/proxy.html"; Set the proxy file
}
};
IFRAME.SRC = ' http://b.com/data.html ';
if (iframe.attachevent) {
Iframe.attachevent (' onload ', LOADFN);
} else {
Iframe.onload = LOADFN;
}
Document.body.appendChild (IFRAME);
</script>

Get the data to destroy this IFRAME, free memory, this also guarantees security (not by other domain frame JS access).

<script type= "Text/javascript" >
Iframe.contentWindow.document.write (");
Iframe.contentWindow.close ();
Document.body.removeChild (IFRAME);
</script>

In summary, the SRC attribute of the IFRAME is shifted from the domain to the local domain, and the cross-field data is transferred from the Window.name to the local domain by the IFRAME. This cleverly bypasses the browser's cross-domain access restrictions, but at the same time it is safe to operate.

Reference article: Window.name Transport, Session variables without cookies, using window.name to solve cross-domain problems, using window.name to implement the basic steps of cross-domain access, HV write samples.

Window.name implementation of cross-domain data transfer