Cross-Site Communication Solutions
- Last Updated: May 10, 2023
While prevention of cross-site scripting (XSS) is an important security feature of web browsers, it also prevents pages from different domains from communicating, even when those pages are not hostile. The window.postMessage method provides a controlled mechanism to safely enable cross-site communication, regardless of the source domain, and is designed so that it does not enable cross-site scripting attacks. With HTML5 Web Messaging, you can use this API to enable communication between remotely hosted SSRS Report web pages and event objects in the AIM Dashboard page.
Syntax: `otherWindow.postMessage(message, targetOrigin, [transfer]);`
| Parameter | Description |
|---|---|
| otherWindow | A reference to another window. |
| message | Data to be sent to the window. |
| targetOrigin | Specifies the origin (URI) of the other window to which the message will be sent. Enter either the string '*' (indicates no preference) or a URL. |
| transfer | Sequence of optional values that are transferred with the message. |
This method must be called on the window to which the message is being sent. It restricts both the source that called the window.postMessage method and the target that the message is sent to. The window.postMessage API is supported by all modern browsers.
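The source and target restrictions described above hold only when both pages enforce them: the sender names a concrete `targetOrigin` instead of '*', and the receiver checks `event.origin` and the message shape before acting. The following is an added example, not code from the product documentation; the two origins, the function names, and the `type`/`reportId` message fields are assumptions chosen for illustration.

```javascript
// Constructed placeholder origins; substitute the real report and dashboard hosts.
const REPORT_ORIGINS = new Set(["https://reports.example.com"]); // assumed SSRS report host
const DASHBOARD_ORIGIN = "https://aim.example.com";               // assumed dashboard host

// Sender side (report page): always name the receiving origin and refuse "*".
function sendToDashboard(dashboardWindow, payload, targetOrigin = DASHBOARD_ORIGIN) {
  if (targetOrigin === "*") {
    throw new Error('refusing targetOrigin "*": any page loaded in that window could read the message');
  }
  // Reduce the value to scheme://host[:port]; throws on a malformed URL.
  const origin = new URL(targetOrigin).origin;
  dashboardWindow.postMessage(payload, origin);
  return origin;
}

// Receiver side (dashboard page): accept only known origins and well-formed data.
function makeReportListener(allowedOrigins, onReportEvent) {
  return function onMessage(event) {
    // Exact match against the allow-list; substring or prefix checks can be bypassed.
    if (!allowedOrigins.has(event.origin)) return "rejected-origin";
    const data = event.data;
    if (data === null || typeof data !== "object" ||
        typeof data.type !== "string" || typeof data.reportId !== "string") {
      return "rejected-shape";
    }
    // Hand on only the validated fields, never the raw message object.
    onReportEvent({ type: data.type, reportId: data.reportId }, event.origin);
    return "accepted";
  };
}

// Browser wiring; skipped when the file is run outside a browser.
if (typeof window !== "undefined" && typeof window.addEventListener === "function") {
  window.addEventListener("message",
    makeReportListener(REPORT_ORIGINS, (msg) => console.log("report event", msg)));
}
```

The handler should treat accepted fields as untrusted text and write them to the page with `textContent` rather than `innerHTML`.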