SlideShare a Scribd company logo

Breaking The Cross Domain Barrier

Download as PPT, PDF
Alex Sexton
Alex Sexton

If you had to rank the best and worst moments of your JavaScript life, you’d probably rank reading “The Good Parts” up towards the top, and deep down at the bottom of the list would be the day that you found out that you couldn’t make cross-domain requests in the browser. This talk covers the hacks, tips, and tricks to leave the Same Origin Policy in the dust. So grab a cookie, pad your JSON, and learn how to communicate properly.

Technology
1 of 47
Breaking The Cross Domain Barrier ,[object Object]
A Story... ,[object Object],[object Object],[object Object]
Same Origin Policy ,[object Object],[object Object]
Same Origin Policy It’s actually an important rule. You wouldn’t want to have this happen:
Same Origin Policy It’s actually an important rule. You wouldn’t want to have this happen:
YEA BUT WHAT IF... ,[object Object],[object Object],[object Object]
The Solution ,[object Object]
THE END. ,[object Object]
<RecordScratch.wav> ,[object Object],[object Object],[object Object]
Some Options ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Post Message ,[object Object],[object Object]
Post Message ,[object Object]
Post Message ,[object Object],[object Object],[object Object],[object Object],What’s it good for?
Post Message Works In... ,[object Object],[object Object],[object Object],[object Object],[object Object]
JSONP ,[object Object]
JSONEN JavaScript Object Notation Except Not **Formerly JSONP
JSON ,[object Object],[object Object],[object Object]
JSONP ,[object Object]
JSONP - Why it’s special ,[object Object],[object Object]
How JSONP Works ,[object Object]
How JSONP Works ,[object Object],hint-hint
How JSONP Works ,[object Object]
JSONP Is Good For... ,[object Object],[object Object],[object Object],[object Object]
CORS | Tap the Rockies ,[object Object]
CORS - HOW?
CORS - HOW? ,[object Object]
CORS - From the Server... ,[object Object],[object Object]
CORS - Compatibility ,[object Object],[object Object],[object Object],[object Object],Unrelated Graph
CORS - What’s it Good For? ,[object Object],[object Object],[object Object],[object Object],[object Object]
Document.domain Hackz ,[object Object],[object Object],[object Object],[object Object]
Window.name HI! I’m Jerry the Window!
Window.name ,[object Object],[object Object],**This is obviously a little simplified Added to Dojo 2 years ago: http://bugs.dojotoolkit.org/ticket/6893
Server Side Proxies ,[object Object],mySite yourSite myServer http://benalman.com/projects/php-simple-proxy/ Works everywhere XHR does
Crazy iFrame Hacks ,[object Object],[object Object],[object Object],FACTS
Crazy iFrame Hacks ,[object Object],a.com b.com a.com
Crazy iFrame Hacks ,[object Object],a.com b.com a.com Change the url hash on the innermost iframe to the message /#secret
Crazy iFrame Hacks ,[object Object],a.com b.com a.com Have the top level frame read the message on the hash /#secret
Crazy iFrame Hacks ,[object Object],[object Object],[object Object],How to know when to receive data Fast (where it works)
Crazy iFrame Hacks ,[object Object],[object Object]
Best of both worlds? ,[object Object],A library that will use postMessage first and then a series of different techniques based on which browser you use, but with normalized syntax. http://easyxdm.net/
Best of Both Worlds? ,[object Object],http://flxhr.flensed.com/
What about cookies? ,[object Object],[object Object]
What about cookies in Safari? ,[object Object],[object Object]
What about cookies in Safari? If we post to an iframe it will thank us by sending cookies http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/
Why Cookies? ,[object Object],TotallyNotTrackingYou.com Other Sites Holds your unique cookie
Lessons ,[object Object],[object Object],[object Object]
Thanks! ,[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

How Credit Card Processing Works
How Credit Card Processing WorksHow Credit Card Processing Works
How Credit Card Processing Works
Business.com
 
Pros and Cons about Credit card
Pros and Cons about Credit cardPros and Cons about Credit card
Pros and Cons about Credit card
Nurul Fajri
 
Blockchain in Banking, Business and Beyond
Blockchain in Banking, Business and BeyondBlockchain in Banking, Business and Beyond
Blockchain in Banking, Business and Beyond
Michael Novak
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
Jordan Harris
 
B2C e-commerce Presentation
B2C e-commerce PresentationB2C e-commerce Presentation
B2C e-commerce Presentation
Md.zahedul Karim Tuhin
 
Debit card
Debit cardDebit card
Debit card
Sanjana027
 
Crowdfunding
CrowdfundingCrowdfunding
Crowdfunding
Kevin Fei
 
E commerce - ppt
E commerce - ppt E commerce - ppt
E commerce - ppt
Saiqa Hashmi
 

Recommended

How Credit Card Processing Works
How Credit Card Processing WorksHow Credit Card Processing Works
How Credit Card Processing Works
Business.com
 
Pros and Cons about Credit card
Pros and Cons about Credit cardPros and Cons about Credit card
Pros and Cons about Credit card
Nurul Fajri
 
Blockchain in Banking, Business and Beyond
Blockchain in Banking, Business and BeyondBlockchain in Banking, Business and Beyond
Blockchain in Banking, Business and Beyond
Michael Novak
 
Introduction to Blockchain
Introduction to BlockchainIntroduction to Blockchain
Introduction to Blockchain
Jordan Harris
 
B2C e-commerce Presentation
B2C e-commerce PresentationB2C e-commerce Presentation
B2C e-commerce Presentation
Md.zahedul Karim Tuhin
 
Debit card
Debit cardDebit card
Debit card
Sanjana027
 
Crowdfunding
CrowdfundingCrowdfunding
Crowdfunding
Kevin Fei
 
E commerce - ppt
E commerce - ppt E commerce - ppt
E commerce - ppt
Saiqa Hashmi
 
Evernym May 2021 Product Update
Evernym May 2021 Product UpdateEvernym May 2021 Product Update
Evernym May 2021 Product Update
Evernym
 
Ecommerce Business Models
Ecommerce Business ModelsEcommerce Business Models
Ecommerce Business Models
Jithu Thulasi Chand
 
Block Chain
Block ChainBlock Chain
Block Chain
Md.Noman Hasan
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
Prabath Siriwardena
 
Serverless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud WorkflowsServerless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud Workflows
Márton Kodok
 
Credit Cards
Credit CardsCredit Cards
Credit Cards
Arun Kumar Rama Chandran
 
Cross site calls with javascript - the right way with CORS
Cross site calls with javascript - the right way with CORSCross site calls with javascript - the right way with CORS
Cross site calls with javascript - the right way with CORS
Michael Neale
 
CORS - Enable Alfresco for CORS
CORS - Enable Alfresco for CORSCORS - Enable Alfresco for CORS
CORS - Enable Alfresco for CORS
Jared Ottley
 
Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programming
benvinegar
 
Cross-domain requests with CORS
Cross-domain requests with CORSCross-domain requests with CORS
Cross-domain requests with CORS
Vladimir Dzhuvinov
 
CORS and (in)security
CORS and (in)securityCORS and (in)security
CORS and (in)security
n|u - The Open Security Community
 
Cross Origin Resource Sharing
Cross Origin Resource SharingCross Origin Resource Sharing
Cross Origin Resource Sharing
Luke Weerasooriya
 
Machine Learning
Machine LearningMachine Learning
Machine Learning
Bharat Khatri
 
Stop-Loss - как это работает
Stop-Loss - как это работаетStop-Loss - как это работает
Stop-Loss - как это работает
Sergey Boronin
 
Cross domain knowledge discovery, complex system theory and semantic web
Cross domain knowledge discovery, complex system theory and semantic webCross domain knowledge discovery, complex system theory and semantic web
Cross domain knowledge discovery, complex system theory and semantic web
Andrea Scharnhorst
 
HTML5 hacking
HTML5 hackingHTML5 hacking
HTML5 hacking
Blueinfy Solutions
 
Google guava - almost everything you need to know
Google guava - almost everything you need to knowGoogle guava - almost everything you need to know
Google guava - almost everything you need to know
Tomasz Dziurko
 
Cookie testing
Cookie testingCookie testing
Cookie testing
BugRaptors
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
Michele Orru
 
iOS WebView App
iOS WebView AppiOS WebView App
iOS WebView App
hagino 3000
 
Integral Ad Science Viewability Presentation
Integral Ad Science Viewability PresentationIntegral Ad Science Viewability Presentation
Integral Ad Science Viewability Presentation
Integral Ad Science
 
JavaScript Avanzado
JavaScript AvanzadoJavaScript Avanzado
JavaScript Avanzado
Adolfo Sanz De Diego
 

More Related Content

What's hot

Serverless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud WorkflowsServerless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud Workflows
Márton Kodok
 

What's hot (6)

Evernym May 2021 Product Update
Evernym May 2021 Product UpdateEvernym May 2021 Product Update
Evernym May 2021 Product Update
 
Ecommerce Business Models
Ecommerce Business ModelsEcommerce Business Models
Ecommerce Business Models
 
Block Chain
Block ChainBlock Chain
Block Chain
 
Blockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access ManagementBlockchain-based Solutions for Identity & Access Management
Blockchain-based Solutions for Identity & Access Management
 
Serverless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud WorkflowsServerless orchestration and automation with Cloud Workflows
Serverless orchestration and automation with Cloud Workflows
 
Credit Cards
Credit CardsCredit Cards
Credit Cards
 

Viewers also liked

Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programming
benvinegar
 
Cross Origin Resource Sharing
Cross Origin Resource SharingCross Origin Resource Sharing
Cross Origin Resource Sharing
Luke Weerasooriya
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
Michele Orru
 
Integral Ad Science Viewability Presentation
Integral Ad Science Viewability PresentationIntegral Ad Science Viewability Presentation
Integral Ad Science Viewability Presentation
Integral Ad Science
 
JavaScript Avanzado
JavaScript AvanzadoJavaScript Avanzado
JavaScript Avanzado
Adolfo Sanz De Diego
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Alvaro Sanchez-Mariscal
 

Viewers also liked (20)

Cross site calls with javascript - the right way with CORS
Cross site calls with javascript - the right way with CORSCross site calls with javascript - the right way with CORS
Cross site calls with javascript - the right way with CORS
 
CORS - Enable Alfresco for CORS
CORS - Enable Alfresco for CORSCORS - Enable Alfresco for CORS
CORS - Enable Alfresco for CORS
 
Modern iframe programming
Modern iframe programmingModern iframe programming
Modern iframe programming
 
Cross-domain requests with CORS
Cross-domain requests with CORSCross-domain requests with CORS
Cross-domain requests with CORS
 
CORS and (in)security
CORS and (in)securityCORS and (in)security
CORS and (in)security
 
Cross Origin Resource Sharing
Cross Origin Resource SharingCross Origin Resource Sharing
Cross Origin Resource Sharing
 
Machine Learning
Machine LearningMachine Learning
Machine Learning
 
Stop-Loss - как это работает
Stop-Loss - как это работаетStop-Loss - как это работает
Stop-Loss - как это работает
 
Cross domain knowledge discovery, complex system theory and semantic web
Cross domain knowledge discovery, complex system theory and semantic webCross domain knowledge discovery, complex system theory and semantic web
Cross domain knowledge discovery, complex system theory and semantic web
 
HTML5 hacking
HTML5 hackingHTML5 hacking
HTML5 hacking
 
Google guava - almost everything you need to know
Google guava - almost everything you need to knowGoogle guava - almost everything you need to know
Google guava - almost everything you need to know
 
Cookie testing
Cookie testingCookie testing
Cookie testing
 
When you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the massesWhen you don't have 0days: client-side exploitation for the masses
When you don't have 0days: client-side exploitation for the masses
 
iOS WebView App
iOS WebView AppiOS WebView App
iOS WebView App
 
Integral Ad Science Viewability Presentation
Integral Ad Science Viewability PresentationIntegral Ad Science Viewability Presentation
Integral Ad Science Viewability Presentation
 
JavaScript Avanzado
JavaScript AvanzadoJavaScript Avanzado
JavaScript Avanzado
 
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015Stateless authentication with OAuth 2 and JWT - JavaZone 2015
Stateless authentication with OAuth 2 and JWT - JavaZone 2015
 
(Не)безопасный frontend
(Не)безопасный frontend(Не)безопасный frontend
(Не)безопасный frontend
 
Y Combinator Startup Class #1 : Ideas, Products, Teams and Execution (Part 1)
Y Combinator Startup Class #1 : Ideas, Products, Teams and Execution (Part 1)Y Combinator Startup Class #1 : Ideas, Products, Teams and Execution (Part 1)
Y Combinator Startup Class #1 : Ideas, Products, Teams and Execution (Part 1)
 
How to start a Startup - Sam Altman
How to start a Startup - Sam AltmanHow to start a Startup - Sam Altman
How to start a Startup - Sam Altman
 

Similar to Breaking The Cross Domain Barrier

Browser Horror Stories
Browser Horror StoriesBrowser Horror Stories
Browser Horror Stories
EC-Council
 
Bringing The Sexy Back To WebWorkers
Bringing The Sexy Back To WebWorkersBringing The Sexy Back To WebWorkers
Bringing The Sexy Back To WebWorkers
Corey Clark, Ph.D.
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
nhepner
 
Douglas - Real JavaScript
Douglas - Real JavaScriptDouglas - Real JavaScript
Douglas - Real JavaScript
d0nn9n
 

Similar to Breaking The Cross Domain Barrier (20)

Design Reviewing The Web
Design Reviewing The WebDesign Reviewing The Web
Design Reviewing The Web
 
Dmk Bo2 K7 Web
Dmk Bo2 K7 WebDmk Bo2 K7 Web
Dmk Bo2 K7 Web
 
Web Browsers And Other Mistakes
Web Browsers And Other MistakesWeb Browsers And Other Mistakes
Web Browsers And Other Mistakes
 
Browser Internals-Same Origin Policy
Browser Internals-Same Origin PolicyBrowser Internals-Same Origin Policy
Browser Internals-Same Origin Policy
 
Web Browsers And Other Mistakes
Web Browsers And Other MistakesWeb Browsers And Other Mistakes
Web Browsers And Other Mistakes
 
Everybody loves html5,h4ck3rs too
Everybody loves html5,h4ck3rs tooEverybody loves html5,h4ck3rs too
Everybody loves html5,h4ck3rs too
 
How To Be A Hacker
How To Be A HackerHow To Be A Hacker
How To Be A Hacker
 
XSS Without Browser
XSS Without BrowserXSS Without Browser
XSS Without Browser
 
Real-Time with Flowdock
Real-Time with FlowdockReal-Time with Flowdock
Real-Time with Flowdock
 
Browser Horror Stories
Browser Horror StoriesBrowser Horror Stories
Browser Horror Stories
 
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generatorsDEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
DEF CON 27 - BEN SADEGHIPOUR - owning the clout through ssrf and pdf generators
 
Bringing The Sexy Back To WebWorkers
Bringing The Sexy Back To WebWorkersBringing The Sexy Back To WebWorkers
Bringing The Sexy Back To WebWorkers
 
Jinx - Malware 2.0
Jinx - Malware 2.0Jinx - Malware 2.0
Jinx - Malware 2.0
 
Transforming WebSockets
Transforming WebSocketsTransforming WebSockets
Transforming WebSockets
 
Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09Building Desktop RIAs with JavaScript and PHP - ZendCon09
Building Desktop RIAs with JavaScript and PHP - ZendCon09
 
Web technologies lesson 1
Web technologies lesson 1Web technologies lesson 1
Web technologies lesson 1
 
Be ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orruBe ef presentation-securitybyte2011-michele_orru
Be ef presentation-securitybyte2011-michele_orru
 
Douglas - Real JavaScript
Douglas - Real JavaScriptDouglas - Real JavaScript
Douglas - Real JavaScript
 
Intro to advanced web development
Intro to advanced web developmentIntro to advanced web development
Intro to advanced web development
 
All of Javascript
All of JavascriptAll of Javascript
All of Javascript
 

Recently uploaded

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
WSO2
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
VictorSzoltysek
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
Safe Software
 

Recently uploaded (20)

AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
TrustArc Webinar - Unified Trust Center for Privacy, Security, Compliance, an...
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
JavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate GuideJavaScript Usage Statistics 2024 - The Ultimate Guide
JavaScript Usage Statistics 2024 - The Ultimate Guide
 
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
WSO2 Micro Integrator for Enterprise Integration in a Decentralized, Microser...
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
The Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and InsightThe Zero-ETL Approach: Enhancing Data Agility and Insight
The Zero-ETL Approach: Enhancing Data Agility and Insight
 

Breaking The Cross Domain Barrier

  • 1.
  • 2.
  • 3.
  • 4. Same Origin Policy It’s actually an important rule. You wouldn’t want to have this happen:
  • 5. Same Origin Policy It’s actually an important rule. You wouldn’t want to have this happen:
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16. JSONEN JavaScript Object Notation Except Not **Formerly JSONP
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31. Window.name HI! I’m Jerry the Window!
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 43.
  • 44. What about cookies in Safari? If we post to an iframe it will thank us by sending cookies http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari/
  • 45.
  • 46.
  • 47.